Skip Repeated Content

BCLP Partner Christian Auty was quoted Dec. 30 by Legaltech News in the second of the seven-part series on legal tech’s predictions for cybersecurity for 2022. “GDPR has required the creation of a data inventory or a data map since 2018 for both controllers and processors subject to the Regulation, but this has not been a requirement in the United States to date. That is about to change,” Christian said. “Specifically, three laws taking effect in 2023 (the Virginia, Colorado, and new California privacy laws) all have a ‘data minimization’ requirement, meaning that companies are obligated to locate and delete personal data they no longer need.”

This document provides a general summary and is for information/educational purposes only. It is not intended to be comprehensive, nor does it constitute legal advice. Specific legal advice should always be sought before taking or refraining from taking any action.