Key takeaways from September include: UK-US data bridge: From 12 October 2023, UK businesses will be able to transfer personal data to certain US organisations certified under a UK-specific extension…
On April 19, 2023, the New York Attorney General (the “NYAG”) published new guidance (the “Guide”) recommending security measures for companies entrusted with consumers’ personal information. The Guide supplements the…
On May 10−12, 2023, the National Association of Attorneys General (the “NAAG”) held its Spring 2023 Consumer Protection Conference to discuss the intersection of consumer protection issues and technology. During…
Key takeaways this May include: Facial recognition: Businesses, including those with no presence in the EEA, face continued challenges in establishing GDPR-compliant facial recognition technology after the French CNIL fined…
In February 2022, the SEC proposed its first-ever cybersecurity rules for registered investment advisers (“RIAs”) (including RIAs to private funds) and Funds (which include registered investment companies (“RICs”) and closed-end…
Key takeaways from December and January include: Cookies: Businesses should consider reviewing their cookie compliance following major CNIL fines against Microsoft (€60 million) and TikTok (€5 million) calling for companies…
On January 10, 2023, the Financial Industry Regulatory Authority (“FINRA”) published its 2023 Report on FINRA’s Examination and Risk Monitoring Program (the “Report”), which is intended to provide member firms…
Key takeaways this October include: Facial Recognition: Businesses face continued challenges in establishing GDPR-compliant facial recognition technology, including those with no presence in the EEA, after the French CNIL fined…
European Data Protection Roundup – September 2022 Key takeaways this September include: Google Analytics: Continue to assess carefully the use of Google Analytics. The Danish Data Protection Agency became the…
On September 20, 2022, the SEC announced settled charges and the imposition of a $35 million penalty against a dually registered investment adviser and broker-dealer (the “Firm”) for violations of Regulation…