Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

California’s Consumer Privacy Act of 2018 – The HR Perspective

Businesses with consumers in California may soon find themselves subject to the California Consumer Privacy Act of 2018 (the Act). The Act arrives on the heels of the expansive consumer protections offered by the European General Data Protection Regulation (GDPR), and echoes key GDPR concepts such as enhanced transparency and disclosure obligations regarding personal data.  However, as...

California’s GDPR has become law

The California legislature passed the California Consumer Privacy Act, a sweeping new law that imposes stringent new GDPR-style privacy standards across sectors. Beginning in January 2020, California consumers will be granted new rights regarding how businesses collect and use their personal data, including a “right-to-be-forgotten” in certain circumstances. The law applies to...

Cyber security rules needed for pipelines: FERC commissioners

If you have turned on the news or picked up a paper lately, you have probably seen reports that foreign enemies are increasingly launching cyber-attacks on America’s critical infrastructure, including energy facilities. To address these threats, electric grid operators must comply with mandatory standards overseen by the Federal Energy Regulatory Commission (FERC) that protect...

Navigating global regulations – GDPR is now in effect

The General Data Protection Regulation (GDPR) took effect last week after two years of anticipation and preparation. Even though the GDPR is now in effect, US-based companies are still working to make sense of whether the GDPR applies to them, and what their obligations are if it does: What questions should US companies be asking about GDPR compliance now that the regulation has come...

It’s a material world—why the SEC’s Yahoo! penalty really matters

Determining whether to notify when struck by a cyberattack can be a complex undertaking, but the SEC’s recent $35 million penalty levied on Yahoo! Inc. for untimely disclosure of its breach raises the stakes for corporations. The need for a proactive, well-thought out regulatory notification strategy, and an awareness of the dangers of default non-disclosure positions, has never been...

A paradise for data privacy advocates—Bermuda’s privacy law now in full effect

With enactment of the Personal Information Protection Act (PIPA), Bermuda can now count itself among the ever-expanding list of jurisdictions with enhanced privacy protections. PIPA, passed on July 27, 2016, and entered into force in December 2017, shares many of the more stringent requirements and protections with Europe’s impending General Data Protection Regulation (GDPR), which...

« Older Entries