I am pleased to announce publication of the 2022 version of the Lathrop GPM Legal Guide to Privacy and Data Security.
The Guide can be downloaded from the Minnesota Department of Employment and Economic Development website here or our law firm website.
The purpose of the Guide, a collaborative effort of Lathrop GPM and the State of Minnesota, is to help businesses and organizations navigate the legal issues related to privacy and data security. The Guide covers the key federal, state, and global privacy laws, as well as best practices.
While we have not yet seen a comprehensive federal data privacy law, Virginia and Colorado followed California in passing new data privacy laws in 2021. Other states have legislative initiatives underway, and we are likely to see more states enacting data privacy laws this year. Any business that collects personal information of Colorado, Virginia, or California residents will want to become familiar with these new laws.
Businesses should focus on the concepts that are consistent across most of the federal and state privacy bills/laws (data minimization, data subject rights, notice, and consent). Operationalizing these concepts and remaining flexible will allow businesses to adapt and comply with this ever-changing legal landscape.
In 2021 the European Commission issued new Standard Contractual Clauses (“SCC’s”) that can be used to transfer personal data from the EU in compliance with the GDPR. These SCC’s may now be the only legal mechanism available to a US-based business that collects, stores, or processes personal data of EU residents.
I welcome your thoughts and comments as we will continue to update this Guide as necessary to keep current with ever-changing privacy and data security laws.
I am also very excited about the February 7 session I will be moderating on privacy for the marginalized at the upcoming 2022 Midwest Legal Conference on Privacy and Data Security (description below). This is an important and overlooked topic. Joining me at this session is the author of Privacy at the Margins, Professor Scott Skinner Thompson, and Professor Michele Gilman, author of Poverty Lawgorithms: A Poverty Lawyer’s Guide to Fighting Automated Decision-Making Harms on Low-Income Communities (2020).
In 2021 the European Commission issued new Standard Contractual Clauses (“SCC’s”) that can be used to transfer personal data from the EU in compliance with the GDPR. These SCC’s may now be the only legal mechanism available to a US-based business that collects, stores, or processes personal data of EU residents.
I welcome your thoughts and comments as we will continue to update this Guide as necessary to keep current with ever-changing privacy and data security laws.
I am also very excited about the February 7 session I will be moderating on privacy for the marginalized at the upcoming 2022 Midwest Legal Conference on Privacy and Data Security (description below). This is an important and overlooked topic. Joining me at this session is the author of Privacy at the Margins, Professor Scott Skinner Thompson, and Professor Michele Gilman, author of Poverty Lawgorithms: A Poverty Lawyer’s Guide to Fighting Automated Decision-Making Harms on Low-Income Communities (2020).
Privacy is often an afterthought, and sacrificed in the name of efficiency, security, or profit. However, privacy is both a critical individual right, particularly for marginalized groups disproportionately subjected to surveillance by private and governmental actors, and a fundamental component of a well-functioning democracy. This panel will discuss disparate harms to those rendered most vulnerable to surveillance regimes based on their racial, sexual, immigration, religious, or socio-economic status, while also foregrounding conceptions of privacy that may help society better appreciate its role in enhancing equality and democracy. The panel will enhance – and sometimes may challenge – understandings of privacy and the implications for marginalized communities, helping attendees give the most complete, informed policy and practice advice to clients who collect, use, and share people’s data.
No comments :
Post a Comment