The Department of Justice (“DOJ”) has moved ahead with its effort to protect Americans’ sensitive personal data and U.S. government data from exploitation by countries of concern or related covered…
On February 28, 2024, President Biden issued an Executive Order (the “Order”) designed to protect the “sensitive personal data” of Americans from “exploitation” by “countries of concern” or related “covered…
Key takeaways from January include: Transparency about data processing and retention: In a reminder of the importance of transparency under the GDPR, and the need for companies to make their…
In 2022, the UK ICO published the International Data Transfer Agreement (“IDTA”) and the International Data Transfer Addendum to the European Commission’s Standard Contractual Clauses (“the Addendum”). In short, the…
Key takeaways from September include: UK-US data bridge: From 12 October 2023, UK businesses will be able to transfer personal data to certain US organisations certified under a UK-specific extension…
Key takeaways this May include: Facial recognition: Businesses, including those with no presence in the EEA, face continued challenges in establishing GDPR-compliant facial recognition technology after the French CNIL fined…
As we approach the end of the year, here are the Top 10 Privacy posts on the Debevoise Data Blog in 2022 by page views. If you are not already…
On October 7, 2022, U.S. President Biden signed Executive Order 14086 on Enhancing Safeguards for United States Signals Intelligence Activities (the “Order”). The administrative Order creates new protections applicable to…
What happened? In the wake of the Court of Justice of the European Union’s decision in Schrems II (covered here and here) and Brexit, the EU and UK respectively updated…
Russia has enacted amendments to its Personal Data Law (the “Amendments”) that may have a significant impact on companies operating in Russia. The Amendments became effective on September 1, 2022, save…