COVID-19, the California Consumer Privacy Act (CCPA) coming into force, and the invalidation of the EU-US Privacy Shield already made 2020 an especially active year for privacy and data security risks and obligations. Rounding out the year, December then brought discovery of the unprecedented Solarwinds cyberattack affecting government agencies, critical infrastructure entities and others.

Thus, looking ahead, organizations must keep up with the dynamic and increasing legal obligations governing privacy and data security, understand how they apply, monitor risks and attack trends, and manage their compliance to minimize exposure.

Read our Practical Law article for an overview of the past year’s privacy and data security legal developments and predictions for issue to look out for 2021.