美国隐私拼凑：GDPR 公司的实际注意事项.pdf

《美国隐私拼凑：GDPR 公司的实际注意事项.pdf》由会员分享，可在线阅读，更多相关《美国隐私拼凑：GDPR 公司的实际注意事项.pdf（23页珍藏版）》请在三个皮匠报告上搜索。

1、The U.S.Privacy Patchwork:Practical Considerations for GDPR CompaniesJulian FlamantPrincipalData Protection Counsel PLLCJoke BodewitsPartnerHogan LovellsCobun Zweifel-KeeganManaging Director,D.C.IAPPWELCOME AND INTRODUCTIONSThe U.S.Privacy Patchwork“Brussels effect”Top tripwires for GDPR companiesTh

2、e trans-Atlantic privacy programAGENDA OUTLINE1234The U.S.Privacy PatchworkSource:IAPP US State Comprehensive Privacy Laws Report Overview Territorial and Material ScopeThresholdCaliforniaIndiana,Iowa,Kentucky,Utah,VirginiaColorado,New JerseyConnecticut,Minnesota,OregonDelaware,Maryland,Rhode Island

3、New HampshireMontanaTennesseeNebraska,TexasTerritoriality Threshold“Does business in California”“conducts business in state”OR“produces products or services that are intentionally targeted to residents of state”Data Processing ThresholdProcess data of at least 100K consumersProcess data of at least

4、100K consumersProcess data of at least 100K consumersProcess data of at least 100K consumers Process data of at least 35K consumersProcess data of at least 35K consumersProcess data of at least 50K consumersProcess data of at least 175K consumersanySale/Sharing ThresholdDerive at least 50%of gross r

5、evenue from sales/sharing25K consumers+Derive at least 50%of gross revenues from sales25K consumers+Any revenue/discount from sales25K consumers+Derive at least 25%of gross revenue from sales10K consumers+Derive at least 20%of gross revenue from sales10K consumers+Derive at least 25%of gross revenue

6、 from sales10K consumers+Derive at least 25%of gross revenue from sales25K consumers+Derive at least 50%of gross revenue from salesanyTerritorial and Material Scope Additional scoping thresholds and exemptionsRevenue thresholdsIn California,USD 25 million is sufficient to trigger compliance requirem