Earlier this month the California Privacy Protection Agency (CPPA) held its inaugural public meeting. The CPPA was created under Proposition 24, the California Privacy Rights Act (CPRA), which was approved by California voters on November 3, 2020.
June 2021
FERC Establishes Unprecedented Joint Federal-State Task Force on Electric Transmission, Issues Policy Statement on State Voluntary Agreements
On June 17, FERC took two actions intended to facilitate greater coordination with and between state regulators on electric transmission policy and development. First, FERC issued an order establishing a Joint Federal-State Task Force on Electric Transmission (Task Force), and soliciting nominations for state commission representation on the Task Force from the National Association of…
Transatlantic Summits: Main Takeaways for Tech and Defense
Three summits last week—G-7, NATO, and U.S.-EU—launched a wide range of transatlantic initiatives to coordinate policy, particularly on trade, technology, and defense. These new formats and dialogues can ensure a much deeper level of regulatory cooperation between the United States and Europe by exchanging perspectives, briefing materials, and in some cases,…
What you need to know about the CMA’s consultation on the Retained Vertical Agreements Block Exemption Regulation
The Competition and Markets Authority (“CMA”) is consulting on its proposed recommendation to the Secretary of State for Business, Energy and Industrial Strategy to replace the retained Vertical Agreements Block Exemption Regulation (“retained VABER”) with a new UK Vertical Agreements Block Exemption Order (“VABEO”).
The retained VABER is the European Commission Regulation No 330/2010, which…
White House Issues Guidance on Limiting Waivers of Domestic Sourcing Laws – What Contractors Need to Know
On June 11, 2021, the White House released new guidance on its plans to limit waivers of domestic sourcing laws, bolstering its January 2021 Executive Order on “Ensuring the Future is Made in All of America by All of America’s Workers.” The guidance, entitled “Increasing Opportunities for Domestic Sourcing and Reducing the Need for Waivers…
EDPB Adopts Finalized Recommendations on Supplemental Transfer Tools to Ensure GDPR-Compliant Data Transfers
On June 21, 2021, the European Data Protection Board (“EDPB”) published its finalized recommendations on measures that supplement transfer tools to ensure compliance with the General Data Protection Regulation (“GDPR”), where organizations transfer personal data from the European Economic Area (“EEA”) to a country outside the EEA (“third country”) (see here). While the final…
CCPA Consumer Request Metrics Reporting Due July 1, 2021
The deadline is quickly approaching for businesses to post their consumer request metrics under the California Consumer Privacy Act (CCPA) Regulations.…
Inside Privacy Audiocast Episode 15: Data Privacy Developments in Saudi Arabia and the Middle East
By Dan Cooper
On Episode 15 of Covington’s Inside Privacy Audiocast, Dan Cooper is joined by Nick O’Connell, head of Al Tamimi’s Digital & Data practice in Saudi Arabia. Nick shares his insights on recent privacy developments in Saudi Arabia and the broader Middle East region, in particular as they relate to emerging data protection frameworks in these…
Key Takeaways from China’s Regulation on the Administration of Human Genetic Resources
By John Balzano
On June 10, 2019, the State Council (China’s chief executive agency) promulgated the long-awaited Regulation on the Administration of Human Genetic Resources (the “Regulation”), which will become effective on July 1, 2019. The Regulation supersedes the currently effective regulations and guidance on human genetic resources (“HGR”).
CJEU Decides on Competence of Supervisory Authorities to Bring Cases Before National Courts under the GDPR
On June 15, 2021, the Court of Justice of the European Union (“CJEU”) rendered a decision (press release here, full judgment here) addressing whether a European supervisory authority (“SA”) that is not the “Lead SA” (as defined in Article 56 GDPR) has competence to bring a case for an alleged violation of the…