The French data privacy authority (DPA) announced that it will fine Discord, Inc. 800,000 euros under the General Data Protection Regulation (GDPR). Discord is a social messaging platform popular with gamers, technology enthusiasts, and the LGBTQ+ community.

The alleged GDPR breaches include failure to establish a written information security policy and data retention schedule, failure

As companies hustle to follow the new California Privacy Rights Act (CPRA) regulations, they’ve hit a substantial hiccup: there aren’t any yet. The California Privacy Rights Agency (CPPA), the newly-created body with administrative authority over the CPRA’s implementation, has yet to release its finalized regulations. The CPRA takes effect on January 1, 2023, and covered

California law will soon require businesses to treat their employees and business partners as consumers under the California Consumer Privacy Act (CCPA). The CCPA and its successor legislation, the California Privacy Rights Act (CPRA), grant California consumers dignitary rights over their personal information collected and processed by commercial entities that do business in California. The

President Biden recently signed an executive order establishing the implementation of the new EU-U.S. Data Privacy Framework, which would provide for the possibility of the lawful transfer of personal data from the European Union (EU) to the United States (U.S.), while ensuring a strong set of data protection requirements and safeguards.[1]  Once approved

Last week, the California Privacy Protection Agency (CPPA) released updated California Privacy Rights Act (CPRA) draft regulations and a summary of the changes. The regulations remain in the proposal stage and it is unclear when to expect finalized rules, although it is likely that this version will include near final requirements and prohibitions.

While most

When the U.K. withdrew from the European Union (EU), its General Data Protection Regulation (GDPR) status was one of many headaches for regulators to figure out. After drawn-out negotiations over points such as requiring opt-in or opt-out models, lawmakers had settled mainly on a GDPR-like solution called the Data Protection and Digital Information Bill.

The

The State Bar of Georgia recently disclosed that it was the victim of a cybersecurity incident in April 2022, when an unauthorized individual accessed its systems and compromised the data of current and former employees and “some members of the State Bar.”

The incident included unauthorized disclosure of individuals’ names, addresses, dates of birth, Social

California Governor Gavin Newsom signed the California Age-Appropriate Design Code Act (the Act) into law last week. This new law will require those online service providers likely to be accessed by children under 18 years old to comply with heightened privacy requirements, including incorporating privacy-by-default and privacy-by-design into their products. The 18-year age threshold for