Call 855-808-4530 or email Gro[email protected] to receive your discount on a new subscription.
Part Three continues the analysis of new compliance requirements in Canada's new Consumer Privacy Protection Act, including the content of organizational privacy policies and anonymization of personal information policies, and business transaction policies contained in the Act.
Part One of this series discussed the history of Canada’s recently introduced Consumer Privacy Protection Act and reviewed the similarities with GDPR, such as data portability, the right not be forgotten, codes of practice, and a safe harbor provision. Part Two analyzed the new compliance requirement of valid consent. Part Three continues the analysis of new compliance requirements, including the content of organizational privacy policies and anonymization of personal information policies, and business transaction policies contained in the Act.
Continue reading by getting
started with a subscription.
New U.S.-China Investment Dynamic Focuses On AI and Sensitive Technologies
By David A. Holley
An Executive Order released by the Biden Administration on Aug. 9 places increased importance on due diligence when investing in specific foreign countries. The Executive Order will regulate outbound investments in China with a focus on key technologies critical to safeguarding U.S. national security, including artificial intelligence.
New York’s Latest Cybersecurity Commitment
By Erik B. Weinick
On Aug. 9, 2023, Gov. Kathy Hochul introduced New York’s inaugural comprehensive cybersecurity strategy. In sum, the plan aims to update government networks, bolster county-level digital defenses, and regulate critical infrastructure.
Data Breach Defense: Mobilizing Against Weaponized Mass Arbitration
By Daniella Main and Brooke Bolender
Most companies have experienced or will experience a data breach. Increasingly, companies also face the risks associated with mass arbitration weaponized by the overwhelming volume of claims after a breach.
By Wim Nauwelaerts
Businesses and organizations that (regularly) transfer personal data from the EU to the U.S. should carefully assess, on a case-by-case basis, whether it makes sense to rely on the new EU-U.S. Data Privacy Framework or to use one of the other data transfer tools that are available under the GDPR.