The Court of Appeal of the State of California (the Court of Appeals) recently ruled that Proposition 24, the California Privacy Rights Act of 2020 (CPRA), is enforceable without any further delay. The CPRA contains important changes to the California Consumer Privacy Act, including with respect to online advertising.
Tech & Sourcing @ Morgan Lewis
TECHNOLOGY TRANSACTIONS, OUTSOURCING, AND COMMERCIAL CONTRACTS NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
Morgan Lewis partners Christopher C. Archer, Anastasia Dergacheva, and J. Daniel Skees as well as associate Arjun Prasad Ramadevanahalli will discuss developments and trends in cybersecurity and digital transformation for the energy industry on Wednesday, November 29.
The Federal Trade Commission (FTC) recently adopted a final rule amending its Standards for Safeguarding Customer Information (commonly referred to as the “Safeguards Rule”) to require financial institutions to report certain data breaches and other security events to the FTC.
The UK government has announced the UK extension to the EU-US Data Privacy Framework, known as the UK-US data bridge. The new framework will allow businesses to transfer personal data between the United Kingdom and the United States. This blog post explores the significance of the UK-US Data Bridge and what it means for businesses on both sides of the Atlantic.
The United Kingdom’s Information Commissioner’s Office and data protection authorities from Canada, Australia, Hong Kong, Mexico, Switzerland, Norway, New Zealand, Colombia, Jersey, Morocco, and Argentina have released a joint statement on data scraping and its impact on data privacy.
In a recent LawFlash, George Cyriac and Dr. Axel Spies reviewed key features of India’s new privacy law—the Digital Personal Data Protection Act, 2023 (DPDP Act). They also discussed what to expect regarding and how to prepare for these new requirements, including that India’s central government may enact separate rules to give effect to certain provisions of the DPDP Act.
Don Shelkey and Ben Klaber will present a continuing legal education (CLE) webinar on digital health transactions on September 14 at 1:00 pm ET.
In a major victory for privacy professionals, technology companies, and those intending to use healthcare data to feed artificial intelligence algorithms, the US Court of Appeals for the Seventh Circuit recently rejected a putative class action regarding the collection and exchange of anonymized healthcare data.
Morgan Lewis partner Greg Parks recently authored an Insight regarding developments in US data privacy law and increased attention on data privacy and security by the US Congress and certain federal agencies.
The EU-US Data Privacy Framework (DPF) became effective on July 10, and on the same day, the European Commission adopted an Adequacy Decision relating to the DPF, as a successor of the EU-US Privacy Shield. While only those companies subject to the jurisdiction of either the Federal Trade Commission or the US Department of Transportation are eligible to self-certify their compliance with the DPF, the scope of eligibility is likely to broaden in the future.