Quarterly Cyber Regulations Update: February 2023

Nick Shepherd’s commentary was featured in The Wall Street Journal’s quarterly cyber regulations update focusing on forthcoming cyber regulations, updates on the most recent privacy law changes in the U.S. and EU, and key trends for companies to know.

Nick remarked that Covington has seen a significant amount of privacy enforcement in the U.S. and Europe in recent months and years and expects that to continue.

“In the U.S., the Federal Trade Commission reached a number of settlements arising from allegations of privacy violations, including for alleged COPPA violations,” he said. “In August 2022, we also saw the first ever privacy settlement reached under a state’s comprehensive privacy law, the California Consumer Privacy Act.” In addition, he expects the trend of the enforcement of the EU’s General Data Protection Regulation significant ramping up to continue.

For businesses that will be affected by the implementation of these new regulations, Nick suggested a few best practices:

• Examine personal information flows to third parties and confirm the company’s position on whether it “sells” personal data or shares it for purposes of “cross-context behavioral advertising.”
• Update privacy notices to reflect how the company collects, accurately uses, and shares personal information.
• Audit contracts with third parties to ensure the company has in place any data-protection terms required by law, which should align with the company’s overall approach to privacy compliance.

Click here to read the full article.