On December 15, 2020, the Irish Data Protection Commission (“DPC”) fined Twitter International Company (“TIC”) EUR 450,000 (USD 500,000) following a narrow investigation into TIC’s compliance with obligations to (a) notify a personal data breach within 72 hours under Article 33(1) GDPR; and (b) document the facts of the breach under Article 33(5) GDPR. The
December 2020
The Gift of an Updated Privacy Policy
As the year comes to a close, a reminder that the California Consumer Privacy Act requires companies to update their privacy policies annually. Consequently, as you get ready to spread the holiday cheer, make sure your privacy policy gets some attention as well.
Final 162(m) Regulations Make Few Changes
On Friday, December 18, the IRS released final regulations under section 162(m) implementing the statutory changes made in 2017 by the Tax Cuts and Jobs Act. Section 162(m), as amended, generally limits the deduction for compensation (also referred to as applicable employee remuneration) paid to the a publicly held corporation’s principal executive officer (“PEO”), principal…
HHS Announces Proposed Changes to HIPAA’s Privacy Rule
In a new post of the Covington Digital Health blog, our colleagues discuss the proposed rule issued by the Office for Civil Rights of the U.S. Department of Health and Human Services to modify the Privacy Rule promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology…
What to Expect as the FEC Reconvenes
With the swearing in of Shana M. Broussard, Sean J. Cooksey, and Allen Dickerson, the Federal Election Commission now has a full roster of six Commissioners for the first time since 2017. While the FEC briefly enjoyed a quorum with four Commissioners in May, since then it has lacked a sufficient number of Commissioners to…
HHS Announces Proposed Changes to HIPAA’s Privacy Rule
On December 10, 2020, the Office for Civil Rights (“OCR”) of the U.S. Department of Health and Human Services (“HHS”) issued a proposed rule to modify the Standards for the Privacy of Individually Identifiable Health Information (the “Privacy Rule”) promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information…
Inside Privacy Audiocast: Episode 8 – The Impact of the U.S. Election on Privacy Laws in the U.S.
By Dan Cooper & Libbie Canter
On the eighth episode of our Inside Privacy Audiocast, we peer through the looking glass at the U.S. election and the future of privacy laws in the U.S. We discuss whether the November 3 election is likely to be a watershed event in the development of privacy laws in the U.S. In this episode, Dan…
UK Government Plans for an Online Safety Bill
In April 2019, the UK Government published its Online Harms White Paper and launched a Consultation. In February 2020, the Government published its initial response to that Consultation. In its 15 December 2020 full response to the Online Harms White Paper Consultation, the Government outlined its vision for tackling harmful content online through a new…
EU Publishes Proposal For Digital Services Act
On December 15, 2020, the European Commission published its proposed Regulation on a Single Market for Digital Services, more commonly known as the Digital Services Act (“DSA Proposal”). In publishing the Proposal, the Commission noted that its goal was to protect consumers and their fundamental rights online, establish an accountability framework for online services,…
Expansion of the Procurement Collusion Strike Force
Just over a year after launching the Procurement Collusion Strike Force (“PCSF”), the U.S. Department of Justice’s Antitrust Division (“DOJ”) announced new measures to further its pursuit of antitrust and related crimes in government procurement, grant, and program funding. These changes expand the PCSF’s enforcement capacity and signal DOJ’s enduring—and intensifying—commitment to the PCSF’s mission.…