Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

Colorado’s new privacy law: How it stacks up against other US privacy laws

Companies compliant with the GDPR and similar US state laws will have a substantial headstart with the Colorado Privacy Act. Recognizing the key differences will enable organizations with a well-designed compliance program to efficiently accommodate all these laws. The law provides for a mandatory universal consumer opt-out of targeted advertising, data sales and profiling.The Colorado...

Getting back when HACT: Congress’s idea to provide redress to recent cyberattacks

Amidst the ever-worsening onslaught of cyberattacks, companies are longing to go on the offensive, whether by “hacking-back” or by going after malicious actors in US courts. While Congress has previously refused to enable the former, it now appears more open to the latter, particularly with the introduction of the Homeland and Cyber Threat Act (the HACT Act): The HACT Act, if passed,...

2021 Foresight: Key lessons from 2020 to help navigate the future of cybersecurity and data privacy

When it comes to privacy and cybersecurity, the uncertainty and volatility of 2020 will not soon relent — but neither will its invaluable lessons. In this article for Thomson Reuters, Partners Michael Bahar and Paula Barrett look back on the tumult of 2020 and reveal five key lessons to help manage the inevitable uncertainty and volatility going forward, and emerge stronger and more...

Taking a stand on standing in data breach cases

At the crossroads of the California Consumer Privacy Act and Article III standing: Plaintiffs continue to test the boundaries of the CCPA’s Private Right of Action for data breaches;Courts, however, are standing firm on Article III standing requirements;That said, the costs of data breaches are rising with increased litigation and regulatory risk, so to reduce the chances of a breach,...

Standard Contractual Clauses and EDPB Recommendations

The European Data Protection Board (EDPB), a collective of representatives from European data privacy regulators, published important recommendations on the Schrems II judgment, the seismic European decision that invalidated the EU-US Privacy Shield and called into question the continuing viability of personal data transfers from the EU and UK to third countries, particularly the...

« Older Entries