Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Bret Cohen

Posts by Bret Cohen
Posted in Artificial Intelligence, Data Protection & Privacy Mark BrennanBret CohenFilippo Raso

NIST Seeking Input on AI Technical Standards by May 31, 2019

On May 1, 2019, the National institute of Standards and Technology (NIST) announced a Request for Information (RFI) in the Federal Register regarding ongoing efforts to develop technical standards for artificial intelligence (AI) technologies and the identification of priority areas for federal involvement in AI standards-related activities. Responses to the RFI are due by May 31, 2019.

The RFI … Continue Reading

Posted in Policy & Regulation, Technology Mark BrennanBret Cohen

Consumer Horizons 2019

The Consumer industry is evolving at lightning speed, and the way consumer companies operate is shifting. From issues in supply chain to the digitalization of the consumer experience, companies are rapidly changing to keep up with consumer demands. Last year businesses in the consumer industry saw a wave of unprecedented disruption and transformation, and 2019 promises challenges of similar or … Continue Reading

Posted in Consumer Privacy Bret CohenJulian FlamantGreg FerenbachRay LiFilippo Raso

Beyond FERPA: The California Consumer Privacy Act’s New Rules for Privacy in the Education Sector

In June of 2018, California passed the California Consumer Privacy Act (CCPA), which seeks to give consumers additional safeguards regarding their personal information. The CCPA will become effective January of 2020 and may impact companies in the education sector, including the larger education technology companies.

While the CCPA does not apply to nonprofit educational institutions, it may apply to certain … Continue Reading

Posted in International/EU privacy Bret CohenJulian Flamant

Action Required: Privacy Shield Participants Must Update Privacy Policies for Brexit

With the deadline for a no-deal Brexit looming—the UK’s exit date from the European Union is now slated for April 12—companies certified to the EU-U.S. Privacy Shield should update their Privacy Shield privacy policies if they have not done so already to ensure that they are able to lawfully receive personal data from the UK post-Brexit.

The UK Information Commissioner’s … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Timothy TobinHarriet PearsonMark BrennanBret Cohen

California DoJ Sets March 8 Deadline for CCPA Pre-Rulemaking Comments

The California Department of Justice has announced a March 8, 2019 deadline for submitting written pre-rulemaking comments on the California Consumer Privacy Act (CCPA). The March 8 deadline is an extension from the previously set end-of-February deadline.

Pursuant to section 1798.185(a) of the CCPA, the California Attorney General (AG) is obligated to solicit broad public participation and adopt regulations to … Continue Reading

Posted in Cybersecurity Mark BrennanBret Cohen

NTIA Seeks Comment on New, Outcome-Based Privacy Approach

Yesterday, the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA) issued a Request for Comments (RFC) on a new consumer privacy approach that is designed to focus on outcomes instead of prescriptive mandates. The RFC presents an important opportunity for organizations to provide legal and policy input to the administration, and comments are due October 26.The RFC notes … Continue Reading
Posted in Data Protection & Privacy Bret Cohen

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

This is the fifth installment in Hogan Lovells’ series on the California Consumer Privacy Act. 

As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR). At first glance, it is clear that the drafters of the … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Mark BrennanHarriet PearsonBret CohenTimothy Tobin

Now Available: California Consumer Privacy Act: What you need to know now webinar recording and slides

Thank you to everyone who participated in last week’s webinar “California Consumer Privacy Act: What you need to know now.”

In this complimentary webinar, Hogan Lovells partners Mark Brennan, Bret Cohen, Harriet Pearson, and Tim Tobin, discussed:

• What triggered the new law?

• What data is covered?

• What does CCPA require, and how do you start operationalizing the … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Mark BrennanBret CohenHarriet PearsonTimothy Tobin

Webinar Invitation – California Consumer Privacy Act: What you need to know now

On June 28, 2018, California’s governor signed Assembly Bill 375, a ground-breaking new data privacy law that some are calling the United States’ answer to the European Union’s General Data Protection Regulation (GDPR).  Particularly in light of California’s status as the world’s 5th largest economy, many are wondering how the new California Consumer Privacy Act (CCPA) will affect them.

Please … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russia Partially Releases 2018 Data Privacy Inspection Plans

Two weeks ago, certain territorial divisions of the Russian Data Protection Authority, Roskomnadzor, published their 2018 plans for conducting inspections of local companies’ compliance with Russian data privacy requirements, including with Russia’s data localization requirement. The inspection plans contain a number of prominent multi-national and Russian companies.

Within such inspections, Roskomnadzor assesses the compliance of the entity with Russian … Continue Reading

Posted in Data Protection & Privacy Bret Cohen

U.S. Supreme Court Takes Microsoft Corp. v. United States in Law Enforcement Access Row

Last Monday, the Supreme Court granted certiorari in the Microsoft search warrant case, a case in which Microsoft challenged the U.S. government’s right to use the warrant process to obtain certain emails stored overseas.  Some view the upcoming decision as signaling the level of access the U.S. government will have to the growing troves of data U.S.-based technology companies … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russian Data Protection Authority Publishes Privacy Policy Guidance

On 31 July, the Russian data protection authority, Roskomnadzor, issued guidance for data operators on the drafting of privacy policies to comply with Russian data protection law. Russia’s 2006 privacy law – Federal Law No. 152-FZ of 27 July 2006 “On Personal Data” (Personal Data Law) – requires, among other things, that Russian data operators must adopt a privacy policy … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russia Increases Fines for Violations of Data Protection Laws

On 7 February 2017, the Russian President signed into law a bill (link in Russian) introducing amendments to the Russian Code on Administrative Offences that increases the amount of the fines imposed for violating Russian data protection laws and differentiates the relevant offences’ types. The greatest increase raises maximum fines for certain violations from RUB 10,000 to 75,000 (approx. USD … Continue Reading

Posted in Data Protection & Privacy Julie BrillBret Cohen

Trump’s Executive Order Does Not Impact U.S. Privacy Shield Commitments

Last Wednesday, President Trump signed an immigration-related Executive Order (EO) titled “Enhancing Public Safety in the Interior of the United States” that, among other things, removed the ability of federal agencies to extend protections under the Privacy Act to anyone other than U.S. citizens or legal permanent residents. Some initial observers have suggested that this means that the … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russia Releases 2017 Data Privacy Inspection Plans; Microsoft Passes 2016 Inspection

At the end of 2016, territorial divisions of the Russian Data Protection Authority, Roskomnadzor, published their 2017 plans for conducting inspections of local companies’ compliance with Russian data privacy requirements, including data localization. The inspection plans contain a number of prominent multi-national and Russian companies.

For instance, the inspection plan of Roskomnadzor’s territorial division for the Russian Central Region includes … Continue Reading

Posted in Data Protection & Privacy Eduardo UstaranBret CohenKatherine Gasztonyi

Details of Legal Challenge to Privacy Shield Revealed

Ever since the first draft of the EU-US Privacy Shield framework was published in early 2016, groups opposed to the idea have indicated their intent to challenge the legality of the framework under EU law. Recently, the privacy advocacy group Digital Rights Ireland (DRI) made good on that promise.  Following the filing of a formal complaint on 15 September asking … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Moscow Court Upholds Ruling to Block LinkedIn in Russia for Non-Compliance with Data Localization Law

In a case with major significance for foreign online businesses that do business in Russia, on Thursday, 10 November the Moscow City Court sustained a lower court ruling that granted the request of the Russian Data Protection Authority (Roskomnadzor) to block access to social network LinkedIn within Russian territory.

As we described in an earlier post, Roskomnadzor brought the … Continue Reading

Posted in Data Protection & Privacy Julie BrillBret CohenEduardo UstaranHarriet Pearson

Privacy Shield Receives Final Approval from European Commission—Some Initial Practical Advice

On 12 July 2016, the European Commission issued its much awaited “adequacy decision” concerning the Privacy Shield framework for the transfer of personal data from the EU to the U.S. This adequacy decision is based on the latest version of the Privacy Shield, which was further negotiated and revised following the Article 29 Working Party’s April 2016 concerns with … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russia Data Localization Update: Results from Regulatory Inspections Clarify Enforcement Approach

We last reported on Russia’s data localization law earlier this year when the Russian data protection authority, Roskomnadzor, released its inspection plan for 2016. Since then, Roskomnadzor has been conducting compliance inspections both according to the plan and in individual cases when it has reason to do so. The results of those inspections and recent comments by the Head … Continue Reading

Posted in Data Protection & Privacy, TMT2020 Harriet PearsonEduardo UstaranBret CohenKatherine Gasztonyi

TMT2020: Inside the New EU-U.S. Data Framework: A Practical Breakdown of the Privacy Shield

EDITOR’S NOTE:  We are excited to present this entry in our new TMT2020 series, which reflects the key technology, media, and telecoms legal issues that are expected to impact today’s organizations and tomorrow’s marketplace.  It also provides an opportunity to highlight contributions by TMT associates across our global offices and practice areas. 

The February 29, 2016 announcement of the new … Continue Reading

Posted in Data Protection & Privacy Eduardo UstaranHarriet PearsonBret CohenKatherine Gasztonyi

First Look: EU–U.S. Privacy Shield

On February 29, 2016, and after more than two years of negotiations with the U.S. Department of Commerce, the European Commission released its draft Decision on the adequacy of the new EU–U.S. Privacy Shield program, accompanied by new information on how the Program will work. The Privacy Shield documentation is significantly more detailed than that associated with its predecessor, the … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaBret Cohen

Russia Releases Data Localization Inspection Plan for 2016

In mid-January, the territorial divisions of Russia’s Data Protection Authority, Roskomnadzor, uploaded their 2016 plans for conducting inspections of local companies’ compliance with Russia’s data localization requirements, and there are a number of prominent multi-national companies on the list.

For instance, the inspection plan of Roskomnadzor’s territorial division for the Russian Central Region (in Russian) contains a number of organizations … Continue Reading

Posted in Data Protection & Privacy Natalia GulyaevaMaria SedykhBret Cohen

Russian Data Localization: Two Months In

We are now almost two months into the era of Russia’s Data Localization Law, which came into force on 1 September.  While some expected immediate enforcement, the Russian Data protection Authority, Roskomnadzor, has not yet taken any action for a violation of data localization requirements.  Last month, Roskomnadzor did take formal enforcement action to block a website and add Continue Reading

Posted in Data Protection & Privacy Eduardo UstaranHarriet PearsonBret Cohen

EU Data Transfers: Considering Your Options After Friday’s Article 29 Working Party Statement

The EU’s Article 29 Working Party issued a statement on Friday on the recent Schrems decision invalidating the adequacy of the EU-U.S. Safe Harbor framework, emphasizing that affected businesses should start to put in place legal and technical solutions in a timely manner to meet EU data protection standards.  The statement gave a January 2016 deadline for companies to come Continue Reading