It has been nearly a year and a half since the Schrems II decision issued in July 2020, which invalidated the European Commission’s adequacy decision for the EU-US Privacy Shield Framework. As a result, companies were forced to reexamine their transfers of personal information out of the EU, and the safeguards that they rely on
United States
Supreme Court Rules CFAA Does Not Criminalize Every Violation of a Computer-Use Policy
In Van Buren v. United States, the Supreme Court resolved a circuit split as to whether a provision of the Computer Fraud and Abuse Act (CFAA) applies only to those who obtain information to which their computer access does not extend, or more broadly to also encompass those who misuse access that they otherwise…
Supreme Court: The FTC – The Chief Federal Agency on Privacy Policy and Enforcement Since the 1970s – May Not Have Ever Had Authority to Demand Monetary Relief
While Europe is leveraging hefty fines against violators of the EU General Data Protection Regulation (GDPR) (here is a tracker of recent fines: https://www.enforcementtracker.com/), the United States Supreme Court heard oral arguments last month on whether the FTC – the chief federal agency on privacy policy and enforcement since the 1970s – lacks authority…
FinCEN’s Proposed Rulemaking for Cryptocurrency – The Balance of National Security vs. Privacy
Just before the Christmas holidays, the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued proposed rulemaking entitled “Requirements for Certain Transactions Involving Convertible Virtual Currency or Digital Assets.” The proposed regulations seek to “require banks and money service businesses (“MSBs”) to submit reports, keep records, and verify the identity of customers in relation…
California Voters Approved the CPRA: What Does This Mean for Your Business?
While the nation was preoccupied with the presidential race, California voted “YES” on the California Privacy Rights Act (“CPRA”), which amends and expands on the CCPA. Our previous post sets forth the highlights of the balloted Proposition 24, but in a nutshell, the CPRA was designed to close a number of loopholes in the…
Rothwell Figg Attorneys Author U.S. Section in Mondaq Data Privacy Comparative Guide
Four Rothwell Figg attorneys, Jenny Colgate, Caitlin Wilmot, Martin Zoltick, and Jennifer Maisel, authored the U.S. section of Mondaq’s Data Privacy Comparative Guide.
Mondaq’s Comparative Guides provide an overview of key points of law and practice, and allows users to compare regulatory environments and laws across multiple jurisdictions on a global scale.…
EU Data Transfers Update: You Have a Lot of Weekend Reading To Do!
If you’re a company that has been scratching your head and racking your brain since the Schrems II decision issued on July 16, 2020, invalidating Privacy Shield and calling into question all data transfers between the EU and third countries on surveillance-related grounds, your wish for more guidance has finally come true.
This week, the…
Recent Cybersecurity Incidents on the Campaign Trail Highlight Risks for Ordinary Companies
Although this is no ordinary campaign, recent news shows how politicians have many of the same worries as typical businesses. On Thursday, October 29, 2020, the Wisconsin Republican Party reported that it had been victimized by a Business Email Compromise (BEC). There are many ways in which a criminal may conduct a BEC scam but…
Voters May Favor Prop 24 and the California Privacy Rights Act of 2020 Despite Ambiguities
Nearly a year after the California Consumer Privacy Act (CCPA) went into effect, Californians now have a chance to weigh in on the California Privacy Rights Act of 2020 (CPRA), which is on the November 3, 2020, ballot as Proposition 24. The CPRA is designed to strengthen consumer privacy protections by amending the CCPA…
TCPA Subject to Supreme Court Scrutiny (Again) – What Exactly is Autodialing?
The Telephone Consumer Protection Act (TCPA) was passed in 1991 and is known by many as the law that created the “do-not-call” rules. The statute includes a number of restrictions related to telephone, text, and fact solicitations, including a prohibition against what is colloquially known as “autodialing” and “robocalls,” and it creates a private right…