Time 2 Minute Read

On December 3, 2024, the European Data Protection Board published its draft Guidelines 02/2024 on Article 48 of the GDPR, which focus on how a controller should act when subject to a judgment or administrative decision requiring the transfer or disclosure of personal data to a public authority in a third country.

Time 6 Minute Read

Patrick Gunning of King & Wood Mallesons reports that on November 29, 2024, the Australian Parliament passed more than 30 bills on the final sitting day for the calendar year. Among the flurry of legislative activity were the Privacy and Other Legislation Amendment Act 2024 and the Online Safety Amendment (Social Media Minimum Age) Act 2024, the latest developments in Australia’s ongoing efforts to update its privacy legislation and address concerns related to children’s privacy.

Time 1 Minute Read

In November 2024, the Federal Trade Commission released a staff perspective paper titled “Smart Device Makers’ Failure to Provide Updates May Leave You Smarting” that reflects on the findings from an FTC survey regarding software updates for smart products. 

Time 7 Minute Read

As we approach the one-year anniversary of the effective date of the U.S. Securities and Exchange Commission reporting rules on Form 8-K for material cybersecurity incidents, we provide a high-level overview of the last year’s developments.

Time 3 Minute Read

On November 6, 2024, the Transportation Security Administration published a Notice of Proposed Rulemaking that would subject critical surface transportation owners and operators to cyber risk management and reporting requirements.

Time 2 Minute Read

On November 27, 2024, the Centre for Information Policy Leadership at Hunton Andrews Kurth filed a response to the Department of Justice’s Notice of Proposed Rulemaking, which implements Executive Order 14117 of February 28, 2024.

Time 2 Minute Read

On November 6, 2024, a Texas state district court jury found that a large e-discovery vendor violated Title 7, Chapter 33 of the Texas Penal Code, which provides that accessing a computer without its owner’s permission is a Class B misdemeanor. This case highlights the importance for e-discovery vendors of considering data privacy and security requirements in the course of discovery proceedings.

Time 3 Minute Read

On November 7, 2024, the Commission Implementing Regulation 2024/2690 laying down rules for the application of the NIS2 Directive as regards technical and methodological requirements of cybersecurity risk-management measures and further specification of the cases in which an incident is considered to be significant with regard to certain digital service providers entered into force.

Time 2 Minute Read

The Supreme Judicial Court of Massachusetts, the state’s highest appellate court, recently held that website operators’ use of third-party tracking software, including Meta Pixel and Google Analytics, is not prohibited under the state’s Wiretap Act.

Time 1 Minute Read

Last month, the UK government resurrected previous attempts to reform UK data protection law and introduced the draft Data (Use and Access) Bill into the House of Lords. This blog entry provides a link to read more about the Bill.

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page