Browsing Category
Internet Law
European Court of Human Rights Says Bulk Interception Is Not a Violation of Human Rights
On May 25, 2021, the Grand Chamber of the European Court of Human Rights handed down its judgement in the case of Big Brother Watch and Others v. the United Kingdom, determining that the former surveillance regime in the UK violated…
European Commission Publishes Final Version of Updated Standard Contractual Clauses
On June 4, 2021, the European Commission published the final version of the implementing decision on standard contractual clauses for transfers of personal data to third countries under the EU General Data Protection Regulation (“GDPR”),…
Google to Prevent App Developers from Using Advertising ID for Any Purpose Following User Opt-Out
On June 3, 2021, Google informed app developers that beginning in late 2021, when Android 12 OS users opt out of personalized ads, the advertising ID provided by Google Play services (the Google Ad ID, or “GAID”) will not be made available…
New York AG Settles with Filters Fast After Data Breach
On May 18, 2021, New York Attorney General (“AG”) Letitia James announced a settlement agreement with Filters Fast LLC (“Filters Fast”) over a data breach that compromised personal information of approximately 324,000 consumers nationwide,…
HHS Reaches Settlement with Clinical Laboratory for Alleged Violations of HIPAA Security Rule
On May 25, 2021, the Office for Civil Rights (“OCR”) of the U.S. Department of Health and Human Services (“HHS”) announced that it had reached a settlement with Peachstate Health Management, LLC (“Peachstate”) for violations of the HIPAA…
CIPL Submits Comments on China’s Updated Draft Personal Information Protection Law
On May 25, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP submitted its response (in English and in Mandarin) to the Standing Committee of the National People’s Congress (“NPC”) of the People’s…
U.S. Department of Homeland Security Announces Pipeline Cybersecurity Directive
On May 27, 2021, the U.S. Department of Homeland Security’s (“DHS”) Transportation Security Administration (“TSA”) announced a Security Directive (the “Directive”) that will impose new cybersecurity requirements on critical pipeline owners…
EDPS Opens Investigations Following Schrems II Judgment
On May 27, 2021, the European Data Protection Supervisor (the “EDPS”) announced that it has opened two investigations regarding (1) the use of cloud services provided by Amazon Web Services and Microsoft under Cloud II contracts by…
UK Court of Appeal Signals It Will Closely Scrutinize UK DPA Exemptions
On May 26, 2021, the Court of Appeal handed down its judgment in the case of R (Open Rights Group and the3million) v Secretary of State for the Home Department and Others EWCA Civ 800, finding that the UK 2018 Data Protection Act’s (“DPA…
Belgian DPA Approves First EU Data Protection Code of Conduct for Cloud Service Providers
On May 20, 2021, the Belgian Data Protection Authority (“Belgian DPA”), as the lead authority (in collaboration with two co-reviewing authorities), announced that it had approved the EU Data Protection Code of Conduct for Cloud Service…