Article 83 of the GDPR provides for two levels of administrative fines: a lower level – maximum of €10 million or 2% of the global turnover – for violations relating to record-keeping, data security, data protection impact assessments, data protection by design and default, and data processing agreements; and a higher level – maximum of €20 million or 4% of … Continue Reading
Increasing numbers of initiatives, devices, and solutions related to the Internet of Things (IoT) are substantially impacting the development of cybersecurity and data privacy regulations throughout Asia. After the implementation of the General Data Protection Regulation (GDPR) in Europe, for example, Asian lawmakers are considering strengthening their own data protection laws. The region is also characterized by a push in … Continue Reading
This is the seventh installment in Hogan Lovells’ series on the California Consumer Privacy Act.
The application of the California Consumer Protection Act of 2018 (“CCPA”) to employee data has been the subject of much debate since the first version of the bill was introduced on June 21, 2018 (just days prior to its enactment on June 28). Under a … Continue Reading
This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act.
The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences companies. Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical … Continue Reading
This is the fifth installment in Hogan Lovells’ series on the California Consumer Privacy Act.
As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR). At first glance, it is clear that the drafters of the … Continue Reading
This is the fourth installment in Hogan Lovells’ series on the California Consumer Privacy Act
This post discusses litigation exposure that businesses collecting personal information about California consumers should consider in the wake of the California Legislature’s passage of the California Consumer Privacy Act of 2018 (CCPA).
For several years, the plaintiffs’ bar increasingly has relied on statutes like the … Continue Reading
This is the third installment in Hogan Lovells’ series on the California Consumer Privacy Act.
What personal information do you have about California consumers and households?
The California Consumer Privacy Act of 2018 (“CCPA”) provides a series of new compliance obligations and operational challenges for companies doing business in California. A vital first step for any company subject to the … Continue Reading
This is the second installment in Hogan Lovells’ series on the California Consumer Privacy Act.
Words matter. Nowhere is this truer than in legislation, where word choices—often the product of long debate and imperfect compromise—determine the scope and impact of a law. Legislative history can speak volumes about those word choices, and the unique legislative history of the California Consumer … Continue Reading
We have heard the California Consumer Privacy Act of 2018 (CCPA) called all these things and more since its enactment on June 28, 2018. Our experience to date has confirmed the compliance challenge ahead for organizations that engage with the residents of the world’s fifth-largest economy.
We will explore the ramifications for businesses of this seminal legislation … Continue Reading
On 4 September, the Legislative Decree no. 101 of 10 August 2018 (the “Decree”) for the national implementation of General Data Protection Regulation (EU) 2016/679 (the “GDPR”) has been published in the Official Journal. The approach of the legislator was to maintain the structure of former Legislative Decree 196/2003 (the “Privacy Code”) which, however, has been extensively amended and … Continue Reading
Please join us for our September 2018 Privacy and Cybersecurity Events.
In July, Eduardo Ustaran spoke at Privacy Laws & Business’ International Conference in Cambridge about the sort of activities likely to prompt regulators into exercising their increased fining powers under the EU GDPR. A link to the video of his presentation can be found here and a detailed report of the presentation is available here.… Continue Reading
The U.S. Environmental Protection Agency was created in 1970 to safeguard the environment against pollutants. The tidal wave of environmental regulations that followed impacted every industry in the United States, especially the automotive market. Decades later, organizations have internalized these regulations into their culture.
Today, the European Union’s General Data Protection Regulation (GDPR) is driving a regulatory wave of similar … Continue Reading
Much of the focus internationally has been on preparations for the May, 2018 implementation of the EU GDPR. However, the APAC region is also noteworthy for a number reasons, including China’s ongoing … Continue Reading
On April 11th, Hogan Lovells Paris held its 7th TMT Seminar on “Are Data a source of risk, liability and value?”
At a time when data, personal or not, are all around us, how should we go about considering all of the issues involved?
Charlotte Le Roux, associate in Hogan Lovells Paris’ privacy team, welcomed our … Continue Reading
|The famous case brought by Maximilian Schrems against Facebook Ireland in Austria, aimed to become an international and large data protection class action, led on 25 January 2018 to a ruling from the CJEU on two main points:
Aetna will pay almost $17.2 million to settle a federal class action lawsuit stemming from a 2017 mailing that disclosed the HIV status of health plan members. Aetna also agreed last week to pay a $1.15 million fine to the state of New York after the Attorney General Eric Schneiderman’s (NY AG) investigation into Aetna’s alleged violations of federal and … Continue Reading
Hogan Lovells has announced that Edith Ramirez, the former Chairwoman of the US Federal Trade Commission (FTC), has joined the firm as a partner and will play an active role in Hogan Lovells’ Privacy and Cybersecurity practice. She will also co-head the firm’s Antitrust, Competition and Economic Regulation (ACER) practice.
Ramirez will co-lead the global antitrust practice alongside Suyong … Continue Reading
As previously reported, on Thursday, March 9th, the Federal Trade Commission (FTC) hosted a forum on the consumer implications of recent developments in artificial intelligence (AI) and blockchain technologies. This is the second of two entries on the March 9th FinTech Forum. Today’s post focuses blockchain technologies. Coverage of the opening remarks and the AI discussion may … Continue Reading
On Thursday, March 9th, the Federal Trade Commission (FTC) hosted a forum on the consumer implications of recent developments in artificial intelligence (AI) and blockchain technologies. This was the FTC’s third forum on issues in FinTech. Previous FinTech Forums covered marketplace lending and crowdfunding and peer-to-peer payments.
In opening remarks, the FTC acknowledged the benefits of technological … Continue Reading
In a March 17 live stream webinar, a panel of academic all-stars will discuss the key legal and tech trends for 2017, including regulation of artificial intelligence, the disruptive potential of blockchain, competition law and big data, global privacy and copyright trends, and the future of net neutrality.
Our panel will also share insights into the tech priorities of … Continue Reading
The internet has become today’s global trade route, and personal data is one of its major currencies. The growth in the digital economy is impressive. One study found that economic activity taking place over the internet is growing at 10% per year within the G-20 group of nations. In the United States alone, one estimate found that companies exported nearly … Continue Reading
Cyber risk has been high on the agenda of financial services regulators for some time now. In the UK, the FCA specifically addressed its concerns in its 2015/2016 Business Plan and it has an on-going programme of work which includes working with the PRA and Bank of England on visibility of IT resilience and risks at board level, and with … Continue Reading