The European Court of Justice has issued two important decisions interpreting the European Union’s General Data Protection Regulation. One addresses the right to compensation for GDPR violations, and the other addresses the scope of an individual’s right of access when his or her data has been provided by a controller to other recipients. Each decision is discussed below.
This year has so far proven to be quite active in terms of state privacy legislation. In 2022, California, Virginia, Colorado, Utah, and Connecticut were the five states with consumer privacy laws on the books, all set to take effect in 2023. Then, earlier this year, Iowa, Indiana, and Tennessee enacted their own respective comprehensive privacy laws. Iowa’s and Tennessee’s laws will take effect in 2025, and Indiana’s law will take effect in 2026.
The Constangy Cyber Advisor posts regular updates on legislative developments, data privacy, and information security trends. Our blog posts are informed through the Constangy Cyber Team's experience managing thousands of data breaches, providing robust compliance advisory services, and consultation on complex data privacy and security litigation.
Subscribe
Contributors
- Suzie Allen
- John Babione
- Bert Bender
- Ansley Bryan
- Jason Cherry
- Christopher R. Deubert
- Maria Efaplomatidis
- Sebastian Fischer
- Laura Funk
- Lauren Godfrey
- Taren N. Greenidge
- Chasity Henry
- Julie Hess
- Sean Hoar
- Donna Maddux
- David McMillan
- Ashley L. Orler
- Todd Rowe
- Melissa J. Sachs
- Allen Sattler
- Brent Sedge
- Matthew Toldero
- Alyssa Watzman
- Aubrey Weaver
- Xuan Zhou