Advocate (Dr.) Prashant Mali's Blog

Brazilian LGPD & European GDPR Compared  Brazilian LGPD & European GDPR Compared  Brazilian General Data Protection Law ( Lei Geral de Protecao de Dados  or LGPD) , a law with many similarities to the European Union’s General Data Protection Regulation (the “GDPR”) is now effective.  On April 29 of this year, Brazil’s President issued Provisional Measure 959 that, amongst other things, postponed the effective date of the LGPD, which was originally set to be effective August 2020, to May 3, 2021.  Brazil’s Chamber of Deputies amended the measure so that the LGPD would take effect in December 2020.  The Senate then decided that any postponement was void because the effective date had already been decided by Congress.  The amended measure was sent to the President for his signature, providing him with the date of September 17, 2020 to sign the measure, which would make the law effective as of the original effective date, or veto it.  The President sanctioned the law and the LGPD i

What’s Changed in the CPRA?  The California Privacy Rights Act of 2020   The California Privacy Rights Act of 2020 (CPRA) is the law now. With some exceptions, the CPRA expands privacy protections afforded under the current California Consumer Privacy Act of 2018 (CCPA), giving consumers more rights over their personal information and requiring greater transparency and obligations from businesses. Beyond new rights, the CPRA establishes a privacy enforcement agency - the California Privacy Protection Agency - that would be the first of its kind state agency dedicated to privacy enforcement. The CPRA also reaches areas of digital privacy untouched by the CCPA, including dark patterns, behavioral advertising, and profiling. In addition to these remarkable changes, the CPRA significantly amends existing rights and responsibilities presently enforced under the CCPA. The CPRA’s amendments serve to clarify ambiguous areas of the CCPA and, if passed, will better align the law’s text with its

Can GDPR Fines be covered under Cyber Insurance coverage in India? By Prashant Mali,  Cyber Law & Privacy Expert. Cyber policies usually grant cover for civil fines provided that these fines are “ insurable at law ”. Where insurance for fines and penalties is available, this is usually as part of an operator’s general liability policy, although, as set out above, there is no general rule and some such policies routinely exclude such cover). In addition, prudent directors of port and terminal operators who are faced with the possibility of personal exposure to civil fines will take steps to ensure that their D&O policy will cover them if they are investigated personally.  Example Policy Terms Insurance coverage is available for fines and penalties. A popular form of cyber insurance includes, as an item of covered loss: [C]ivil fines or penalties imposed by a governmental agency and arising from a Regulatory Action, unless the civil fine or penalty i