Tagged as: Data Protection

Approaching Deadline for Data Controller Registration and Representation Requirements in Turkey

Data controllers processing personal data in Turkey must register with the Turkish Data Controllers Registry, “VERBIS”, to notify the Turkish Data Protection Authority (“DPA”) of their processing activities by 31 December 2021, under penalty of a fine. In addition, data controllers not established in Turkey (“foreign controllers”) will need to…

Read More

Québec Adopts New Comprehensive Data Protection Law

On September 22, 2021, Bill 64, the Act to Modernize Legislative Provisions respecting the Protection of Personal Information[1] (the “Act”) received royal assent in Québec.  This important and comprehensive new data protection law will usher in significant changes to the protection of personal data in Québec, bringing the privacy regulatory…

Read More

SEC Seeks Input on BD and RIA Digital Engagement Practices

Authored by: Nicholas Losurdo and Christopher Grobbel The SEC recently solicited public comment on digital engagement practices (DEPs) used by some broker-dealers and investment advisers, including predictive data analytics, differential marketing, and behavioral prompts (such as gamification).  The public comment window closes October 1, 2021.  Comments letters submitted already are available here—viewpoints run…

Read More

EDPB to Provide Clarification on Transfers to Importers Subject to the GDPR: Another New Set of SCCs Seen

The European Data Protection Board (EDPB) recently published minutes of its last plenary meeting held in September 2021, which (in paragraph 2) shed light on how the EDPB may address one of the biggest open issues regarding data transfers from Europe — whether under General Data Protection Regulation (GDPR), Chapter V data…

Read More

There's a New Regulator in Town: China Passes an Omnibus Data Privacy Law

On August 20, the People’s Republic of China became the latest global economic powerhouse to pass an omnibus privacy law. Titled the Personal Information Protection Law (“PIPL”), the law was adopted by the Standing Committee of China’s National People’s Congress, China’s top legislative body, and is slated to take effect on…

Read More

Europe Opts for Pragmatism with new SCCs and ICO Opens Consultations on UK SCC — What Companies Need to do Next

The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reigns on how the New SCCs cover data transfers and what companies need to do to take advantage of them and comply with regulatory implementation guidance, including in relation to…

Read More

Companies Can Protect Proprietary Data When Responding to CCPA Privacy Requests

Since its passage almost three years ago, the California Consumer Privacy Act (“CCPA”) has offered California-based consumers certain rights over the personal information companies collect and process about them. While responding to any request to exercise CCPA rights creates its own set of challenges, one right in particular – the right to…

Read More

NYC Enacts Biometric Data Disclosure Rules and Restrictions

Millions of vaccinated Americans — now maskless — surely can’t wait to rekindle their love affair with their iPhone’s facial recognition technology. Meanwhile, these same people are probably less eager for the bars, restaurants, and theaters they visit to collect that same facial data and other biometric information without their…

Read More

What To Expect From NYC’s Tenant Data Privacy Act

New York City tenants harboring “big brother” concerns over landlords abusing data collected through smart access (i.e., keyless entry) systems will soon be able to rest easier. Following California, Virginia, and the British Virgin Islands, the New York City Council recently became the latest legislative body to pass privacy legislation with the Tenant Data…

Read More