Yana Komsitsky

Contact:

California Privacy Protection Agency (CPPA) Finally Voted to Adopt Much Debated Update to CCPA Regulations: What Your Business Should Know

By Danny Riley & Yana Komsitsky on July 28, 2025

Posted in Commercial Litigation, Data Privacy, Information Governance, Information Security, Legislation

On July 24, 2025, the California Privacy Protection Agency (“CPPA”) unanimously voted to adopt a package of Proposed Regulations for the California Consumer Privacy Act (“CCPA”), marking a significant development in California privacy law. These cover Automated Decision-making Technology (“ADMT”), mandatory Cybersecurity Audits, Risk Assessments, and clarifications for the CCPA’s applicability to Insurance Companies. The package will move into its final review stage before formal enactment, once filed with the California Office of Administrative Law.

CCPA Steering Toward Operational Compliance

This is a clear signal that privacy compliance expectations in California are trending toward a more operational phase. The new rules are designed to give Californians greater control over how their personal information is used while pushing businesses toward higher levels of transparency and accountability, especially when automated decision-making and high-risk data processing is involved. For companies, this is more than just a theoretical update – it’s a clarion call to ensure these requirements are built into day-to-day governance, technology and process design, and vendor management practices.Continue Reading California Privacy Protection Agency (CPPA) Finally Voted to Adopt Much Debated Update to CCPA Regulations: What Your Business Should Know

The UK’s New Amendments to the UK GDPR Become Law and Get a Nod from the EU. What happens now?

By Yana Komsitsky on June 26, 2025

Posted in Data Privacy, International Privacy, Legislation

1750950281-2715-9541-lxb_photoQPOaQ2Kp80clxb_photo- — Chris Lawton, Unsplash

The UK’s Data (Use and Access) Act received Royal Assent last Thursday, June 19^th, bringing into law some significant changes to the country’s post Brexit data protection framework, among an array of other, related rules (on matters ranging from financial conduct to smart meters and “underground assets,” which is more to do with…

Adequacy for the US (kind of) – But What Are the Side Effects?

By John Tomaszewski, Jason Priebe & Yana Komsitsky on July 26, 2023

Posted in Cybersecurity, Data Privacy, Information Security, International Privacy, Legislation, Litigation, Trade Secrets

glenn-carstens-peters-npxXWgQ33ZQ-unsplash

This post was originally published to Seyfarth’s Global Privacy Watch blog.

On July 10th, the European Commission issued its Implementing Decision regarding the adequacy of the EU-US Data Privacy Framework (“DPF”). The Decision has been eagerly awaited by US and Europe based commerce, hoping it will help business streamline cross-Atlantic data transfers, and by…

Menu

Carpe Datum Law

Yana Komsitsky

California Privacy Protection Agency (CPPA) Finally Voted to Adopt Much Debated Update to CCPA Regulations: What Your Business Should Know

CCPA Steering Toward Operational Compliance

Adequacy for the US (kind of) – But What Are the Side Effects?

About Seyfarth's eDiscovery and Information Governance Team