Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

Colorado’s new privacy law: How it stacks up against other US privacy laws

Companies compliant with the GDPR and similar US state laws will have a substantial headstart with the Colorado Privacy Act. Recognizing the key differences will enable organizations with a well-designed compliance program to efficiently accommodate all these laws. The law provides for a mandatory universal consumer opt-out of targeted advertising, data sales and profiling.The Colorado...

Virginia is for lovers (of privacy)—The Consumer Data Protection Act passes into law

On March 2, 2021, Governor Northam signed the Virginia Consumer Data Protection Act (CDPA), making it the country’s second, enhanced state privacy law. It will likely not be the last. Set to take effect on January 1, 2023, the CDPA requires businesses to make significant enhancements to their privacy policies and to provide covered consumers with substantial...

2021 Foresight: Key lessons from 2020 to help navigate the future of cybersecurity and data privacy

When it comes to privacy and cybersecurity, the uncertainty and volatility of 2020 will not soon relent — but neither will its invaluable lessons. In this article for Thomson Reuters, Partners Michael Bahar and Paula Barrett look back on the tumult of 2020 and reveal five key lessons to help manage the inevitable uncertainty and volatility going forward, and emerge stronger and more...

Standard Contractual Clauses and EDPB Recommendations

The European Data Protection Board (EDPB), a collective of representatives from European data privacy regulators, published important recommendations on the Schrems II judgment, the seismic European decision that invalidated the EU-US Privacy Shield and called into question the continuing viability of personal data transfers from the EU and UK to third countries, particularly the...

No rest for the weary: cybersecurity and privacy enforcement actions heat up

A recent wave of cybersecurity and privacy enforcement actions cautions businesses dealing in personal data to strengthen their security and compliance plans. The New York Department of Financial Services recently announced its first enforcement action under its cybersecurity regulation. The California Attorney General began enforcement-related inquiries under the newly enacted...

FinCEN advisory highlights increased cybercrime risks during COVID-19

FinCEN Advisory Zeroes in on Opportunistic Cybercrime During the COVID-19 Pandemic: Cybercriminals are hard at work taking advantage of weaknesses in remote processing; FinCEN issues Advisory highlighting red flags that compliance officers should be familiar with to help shore up compliance gaps; Advisory issuance signals possible increased attention by FinCEN on these crimes and...

« Older Entries