Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

Virginia is for lovers (of privacy)—The Consumer Data Protection Act passes into law

On March 2, 2021, Governor Northam signed the Virginia Consumer Data Protection Act (CDPA), making it the country’s second, enhanced state privacy law. It will likely not be the last. Set to take effect on January 1, 2023, the CDPA requires businesses to make significant enhancements to their privacy policies and to provide covered consumers with substantial...

2021 Foresight: Key lessons from 2020 to help navigate the future of cybersecurity and data privacy

When it comes to privacy and cybersecurity, the uncertainty and volatility of 2020 will not soon relent — but neither will its invaluable lessons. In this article for Thomson Reuters, Partners Michael Bahar and Paula Barrett look back on the tumult of 2020 and reveal five key lessons to help manage the inevitable uncertainty and volatility going forward, and emerge stronger and more...

The ePrivacy Regulation

Europe’s movement to replace the 2002 ePrivacy Directive with a new ePrivacy Regulation picks up steam, signaling the potential need for US companies to add further privacy protections over electronic communications that may reach users in the EU.  What’s the significance? If agreed to, the ePrivacy Regulation will repeal the 2002 ePrivacy Directive and update existing...

US Cybersecurity and Data Privacy review and update: Looking back on our 2020 articles and planning ahead for 2021

2020 was a tumultuous year for privacy and cybersecurity, and further uncertainty is all but guaranteed. To help with an agile and holistic data strategy, it is worthwhile to heed the lessons of 2020. Trends of new and upcoming data laws suggest that adopting a high watermark approach to compliance will put companies in good position to stay in front of new obligations.An explosion of...

Standard Contractual Clauses and EDPB Recommendations

The European Data Protection Board (EDPB), a collective of representatives from European data privacy regulators, published important recommendations on the Schrems II judgment, the seismic European decision that invalidated the EU-US Privacy Shield and called into question the continuing viability of personal data transfers from the EU and UK to third countries, particularly the...

A Cybersecurity Storm and Winds of Change: NY DFS requires all New York financial institutions to report effects of SolarWinds hack

The New York Department of Financial Services (NY DFS) issued an alert on Friday, December 18, 2020, requiring all NY DFS regulated entities to immediately report whether they have been affected in any way by the massive, state-sponsored security breach of SolarWinds.  NY DFS’s request for immediate notification from all affected entities goes beyond what is normally required...

« Older Entries Next Entries »