SEC Commissioner Peirce Proposes Blockchain Token Safe Harbor

Feb 14 2020
, and

On February 6, 2020, U.S. Securities and Exchange Commission (SEC or Commission) Commissioner Hester M. Peirce (Commissioner Peirce) gave a speech describing the need for more clarity on application of the securities laws to the offer and sale of blockchain tokens or digital assets. As part of the speech, she proposed a safe harbor (Proposal or Safe Harbor) exempting certain tokens from the registration requirements of the Securities Act of 1933 (Securities Act) and Securities Exchange Act of 1934 (Exchange Act), including an exemption for persons engaging in certain transactions with respect to such tokens from the definitions of “exchange,” “broker” and “dealer” under the Exchange Act. The Proposal is of significance to any existing or future blockchain development team considering the distribution of tokens, as well as any digital asset exchange or over-the-counter desk that facilitates transactions in digital assets, blockchain tokens or virtual currencies.

Read More

EmailShare
, ,

French CNIL Publishes Draft Guidance on Cookie Consent

Feb 13 2020
and

On January 14, 2020, the French data protection authority, the CNIL, proposed a consultation on its draft recommendations on practical ways to collect website user consent for cookies and similar technologies (the “Recommendations”). The Recommendations follow the publication in July 2019 of updated guidance on cookies, including requirements for obtaining GDPR-standard consent, by various European data protection authorities, including the CNIL and the ICO (the latter guidance was reported by Data Matters here). The CNIL has since undertaken a consultation to develop practical methods to obtain user consent.

Read More

EmailShare
, , , , ,

A February 2020 Surprise: California Attorney General Proposes Significant Revisions to CCPA Regulations

Feb 12 2020
, , , , and

Just as companies were starting to recover from their exertions to put in place California Consumer Privacy Act (“CCPA”) compliance programs before the law’s January 1, 2020 entry into force, the California Attorney General (“AG”) provided an early February surprise.  CCPA watchers long expected that the AG would revise the CCPA regulations he initially proposed on October 10, 2019.  But when the AG actually released his proposed regulations on February 7 – a proposal he subsequently modified slightly on February 10 – both the timing and breadth of the revisions were surprising.  In short, the revisions were both sooner and more significant than expected.

Read More

EmailShare
, , , , ,

UK ICO Releases Draft Direct Marketing Code of Practice for Public Consultation

Feb 10 2020
, and

On 8 January 2020, the UK’s Information Commissioner’s Office (ICO) published a draft Direct Marketing Code of Practice (Draft Code) for public consultation. The Draft Code is intended to update existing guidance published pre-GDPR and provide clarity on certain important issues.

Summarised below are the key takeaways from the Draft Code:

Read More

EmailShare
, , , ,

Retail Privacy Network

Feb 07 2020

You are invited to join privacy professionals in the retail sector for topical conversation, learning and networking at the first Retail Privacy Network meeting.

This interactive meeting will include hot topics in UK/EU data privacy and cybersecurity with practical case studies on retail industry issues.

The agenda will include discussions on:

  • Lessons learned from GDPR enforcement actions and update on cookies
  • Erasure and back-ups
  • Use of biometrics (including facial recognition technology)
  • Adtech, real-time bidding and valid consent

Read More

EmailShare
,

SEC Publishes Cybersecurity and Resiliency Observations Report

Feb 06 2020
, and

The U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) released a report on Cybersecurity and Resiliency Observations based on practices seen in prior exams.  OCIE published the overview of practices to help market participants when considering “how to enhance cybersecurity preparedness and operational resiliency,” while acknowledging that there is not a “one-size fits all” approach.  The report links cybersecurity to resiliency and business continuity planning, explicitly merging two concepts on which the OCIE has previously focused into a single topic.

Read More

EmailShare
, , ,

NIST Releases Version 1.0 of Privacy Framework to Help Organizations Manage Privacy Risks and Improve Protection of Personal Data

Jan 29 2020
, , and

With issues around the collection and handling of personal data becoming the focus of increased scrutiny among regulators, policymakers, and consumers, interest has continued to grow among organizations to better understand and address privacy risk.  Seeking to support innovation in the market and to accommodate the increasingly global nature of data processing ecosystems, the National Institute of Standards and Technology (“NIST”) released Version 1.0 of the NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (“NIST Privacy Framework”) on January 16, 2020.  The recent publication aims to outline an adaptable approach to privacy risk for organizations of all sizes by providing a “framework for privacy management, not just a checklist of tasks.”

The NIST Privacy Framework is a voluntary tool intended to assist organizations in managing privacy risks that may arise due to system, product, or service operations that involve personal data, or in connection to new regulatory regimes such as the California Consumer Privacy Act (“CCPA”) and the European Union’s General Data Protection Regulation (“GDPR”).  As noted in the Executive Summary, the NIST Privacy Framework is intended to “enable better privacy engineering practices that support privacy by design concepts and help organizations protect individuals’ privacy.”  Notably, the Federal Trade Commission (“FTC”), recognized by many as the U.S. government’s top privacy watchdog, had applauded the preliminary draft of the NIST Privacy Framework in Fall 2019 – indicating that the finalized publication could potentially serve as a credible benchmark for organizations seeking to address privacy risk across the data processing lifecycle.

Read More

EmailShare
, , , , ,
1 2 3 79
EmailShare

Categories

Archives

Contacts


Colleen Theresa Brown
Washington, D.C.
ctbrown@sidley.com


John M. Casanova
Singapore, London
jcasanova@sidley.com


Christopher C. Fonzone
Washington, D.C.
cfonzone@sidley.com


Kate Heinzelman
Washington, D.C.
kheinzelman@sidley.com


William RM Long
London
wlong@sidley.com


Geeta Malhotra
Chicago
cmalhotra@sidley.com


Alan Charles Raul
Washington, D.C.
araul@sidley.com


Yuet Ming Tham
Hong Kong
Singapore
yuetming.tham@sidley.com


John K. Van De Weert
Washington, D.C.
jvandeweert@sidley.com

Click here to view all of Sidley's Privacy and Cybersecurity professionals.

To receive email alerts when we post a blog entry, please provide your name and email address.

Upcoming Events

  1. The CCPA and the Future of Business in the New Privacy Era

    February 26 @ 5:00 pm - 7:00 pm

  2. Retail Privacy Network

    February 27 @ 12:00 pm - 2:30 pm

View All Events

XSLT Plugin by BMI Calculator