On March 11, The California Attorney General (CA AG) released a second set of modifications to the proposed regulations implementing the California Consumer Privacy Act (CCPA). These modifications update the initial draft regulations published on October 11, 2019 as well as the first set of modified draft regulations published on February 10, 2020 (as we previously covered here and here). The second set of modifications contain a small number of impactful changes, which we summarize below.
The CA AG will accept public comments on this second set of modified draft CCPA regulations until Friday, March 27, 2020 at 5 pm PDT.
Below is a summary of key changes:
On January 17, The Belgian Data Protection Authority (DPA) published Recommendation no 01/2020 providing Guidance on direct marketing. The Recommendation provides a methodology on how to comply with the General Data Protection Regulation (GDPR) when conducting direct marketing.
Context and Scope of Application
The Recommendation applies to all kinds of promotions, including sales and advertising, and is not limited to promotions of a commercial nature. It refers to all data subjects that may be targeted by direct marketing such as clients, members, prospects, subscribers, or even voters. Continue Reading
As highlighted by our new Privacy 2040 initiative, there have never been more opportunities to shape the existing and future privacy and cybersecurity legal framework. Consultations on draft guidance and surveys of various stakeholders are an important step in the production of new rules and materials, and the UK Information Commissioner’s Office (ICO) and the European Data Protection Board (EDPB) currently have a number of open consultations. The consultation process provides an opportunity to contribute to and to influence regulatory direction. This post lists and discusses a number of consultations which are currently open. Continue Reading
Slowly but surely, the U.S. Courts of Appeal increasingly agree on how to interpret the definition of “automatic telephone dialing system” (“ATDS” or “autodialer”) in the Telephone Consumer Protection Act (“TCPA”). On February 19, 2020, a unanimous Seventh Circuit panel refused to revise a putative class action in Gadelhak v. AT&T Services, Inc. after concluding that the dialing system used by AT&T did not qualify as an autodialer. Like the Eleventh Circuit in Glasser v. Hilton Grand Vacations Company, LLC and Third Circuit in Dominguez v. Yahoo, Inc., the Seventh Circuit held that an “autodialer” must use “a random or sequential number generator” to either store or produce numbers. Because the system used by AT&T simply pulled numbers from a database, the court found that the system was not an autodialer and the texts did not violate the TCPA. Continue Reading
On Friday, February 7, 2020 the California Attorney General (CA AG) released a notice of changes to the California Consumer Privacy Act (CCPA) draft regulations, making substantial changes to the earlier draft regulations published in 2019 (covered in a prior webinar by Hogan Lovells, here). Hogan Lovells Privacy and Cybersecurity partners hosted a webinar discussion of the modified draft regulations and how they may impact compliance efforts. Continue Reading
Please join us in our London offices for a lively panel discussion on what financial institutions and service providers need to know about cybersecurity and cyber incident preparedness.
Through an interactive case study, the panel will examine the key challenges that companies face before, during, and after a cybersecurity attack, including cybersecurity preparedness, incident response, notification requirements, and litigation and regulatory enforcement risk. Hogan Lovells Cybersecurity Partner and former Global Head of Cybersecurity at JPMorgan Peter Marta will be joined by London-based Partners Arwen Handley (Litigation and Investigations), Philip Parish (Litigation and Investigations), and Nicola Fulford (Privacy and Cybersecurity). Continue Reading
Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act or Act). The Regulation and the Act both contain prescriptive cybersecurity requirements and new breach notification obligations for regulated organizations. The Act has a particularly broad reach, impacting any company that owns or licenses private information of New York residents. Continue Reading
Please tune in for an in-depth podcast discussion of cybersecurity and the False Claims Act, featuring Mike Vernick and Mike Scheimer.
- February 26: FCA Enforcement in the Financial Services Sector
- March 4: Looking ahead
On January 31 the U.S. Department of Defense (DoD) issued CMMC v1.0, a new unified cybersecurity standard coupled with a certification program for all DoD contractors and subcontractors. Continue Reading
The California Attorney General (CA AG) has released a notice of changes to the California Consumer Privacy Act (CCPA) draft regulations, making substantial changes to the earlier draft regulations published in 2019 (covered in a prior webinar by Hogan Lovells, here). The CA AG will accept public comments on the modified draft regulations until Monday, February 25, 2020.
To learn more about the latest draft regulations, how they may impact your compliance efforts, and whether additional comments to the CA AG make sense for your organization, attend this webinar featuring discussion from Hogan Lovells Privacy and Cybersecurity partners.
Thursday, February 20, 2020
11:30 AM EST
8:30 AM PST
4:30 PM GMT
To register, please click here.