Now that 2021 came to a close, what does our crystal ball predict for privacy developments in 2022? Here’s a quick rundown. Law and policy developments In 2022, expect an avalanche of new laws and regulations, attempting to govern and impose order on a dizzying array of tech developments. New…
The UK’s Newly Assertive FCA pushes Google to Check Fintech Companies’ Drive Into Europe Subject to mounting pressure from UK lawmakers and regulators, in June 2021 Google announced a new policy that could limit the ability of US fintech companies to advertise in the UK – a key market for…
In what is likely the largest industry-wide vulnerability since the SolarWinds Orion flaw uncovered late last year, a critical software bug was recently discovered within Apache Log4j, an open-source logging utility widely used in business software development. A long list of technology companies have already reported being affected, including such…
In response to the growing threat to financial stability posed by cybersecurity incidents, the Office of the Comptroller of the Currency (OCC), the U.S. Department of the Treasury, the Federal Reserve Board, and the Federal Deposit Insurance Corporation (FDIC) (collectively, the “agencies”) published a rule titled “Computer-Security Incident Notification Requirements…
On 25 November 2021, the UK Information Commissioner’s Office (“ICO”) published an Opinion on Data Protection and Privacy Expectations for Online Advertising Proposals (“Opinion”). The Opinion emphasizes several data protection concerns relating to behavioural advertising and sets out overarching expectations that companies must meet to safeguard people’s privacy online when…
Data controllers processing personal data in Turkey must register with the Turkish Data Controllers Registry, “VERBIS”, to notify the Turkish Data Protection Authority (“DPA”) of their processing activities by 31 December 2021, under penalty of a fine. In addition, data controllers not established in Turkey (“foreign controllers”) will need to…
On 18 November 2021 the European Data Protection Board (“EDPB”) released its Guidelines 05/2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR (“Guidelines”) for public consultation. The Guidelines clarify one of the most vexing issues in…
On September 22, 2021, Bill 64, the Act to Modernize Legislative Provisions respecting the Protection of Personal Information[1] (the “Act”) received royal assent in Québec. This important and comprehensive new data protection law will usher in significant changes to the protection of personal data in Québec, bringing the privacy regulatory…
View our Breaking Down the FTC’s Updates to the Safeguards Rule Webinar here. Below, find more details about what topics were covered in this webinar by Goodwin partners Boris Segalis and Anthony Alexis, and moderated by Mia Havel, Senior Privacy Counsel at Marsh & McLennan. You may also view materials…
The United States is in need of comprehensive federal data privacy legislation, which may finally be gaining traction. In late 2019, two competing federal privacy proposals were drafted. Senate Bill 2968 (the “Consumer Online Privacy Rights Act”), was introduced by Senator Maria Cantwell (D-WA), among others. And the “United States…