The push by U.S. states to pass data privacy laws continues with Maryland being the 18th state to join their ranks. However, Maryland has taken a more stringent and comprehensive approach than many of its peers: Governor Wes...more
5/17/2024
/ Commodity Exchange Act (CEA) ,
Consumer Privacy Rights ,
COPPA ,
Data Protection ,
Fines ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Maryland ,
Opt-Outs ,
Penalties ,
Personal Data ,
Personal Information ,
Popular ,
Securities Exchange Act
As U.S. states continue to pass data privacy legislation, Maryland has gone above and beyond in signing both the Maryland Online Data Privacy Act of 2024 (MODPA) and the Maryland Age Appropriate Design Code (HB 603/SB...more
5/17/2024
/ COPPA ,
Covered Entities ,
Data Management ,
Data Protection ,
Fines ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Maryland ,
Minor Children ,
Penalties ,
Personal Data ,
Popular ,
Privacy Laws ,
Safety Standards
The Federal Trade Commission (“FTC”) announced on Monday that it is settling a case against Drizly and its CEO stemming from a 2020 data breach that impacted roughly 2.5 million consumers. The proposed order not only...more
10/31/2022
/ Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Hackers ,
Identity Theft ,
Personal Data ,
Popular ,
Securities and Exchange Commission (SEC) ,
Settlement
Ransomware is the “business pandemic.” Warnings have been issued by multiple agencies around the world to alert businesses to increase their protection and awareness. Most recently, the Department of Health and Human...more
4/29/2022
/ American Hospital Association ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Malware ,
Phishing Scams ,
Popular ,
Ransomware ,
Russia ,
Ukraine ,
Vulnerability Assessments
As public companies embark on the year-end reporting process, they will need to consider, and in some cases take steps to address, a number of significant developments and issues. As in past years, Mintz has prepared a...more
1/19/2022
/ Annual Meeting ,
Coronavirus/COVID-19 ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Disclosure Requirements ,
Enforcement ,
Environmental Social & Governance (ESG) ,
Executive Compensation ,
Fiscal Year ,
Nasdaq ,
New Legislation ,
NYSE ,
Popular ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC) ,
Shareholder Meetings
Before the holidays, we warned of a critical vulnerability in a widely-used Java logging utility that could affect tens of thousands of companies. Since that original alert, multiple US and foreign government cybersecurity...more
Welcome to Fall 2021! We’re trying to curate some of the week’s privacy and cybersecurity news to keep you up-to-date:
CONTI RANSOMWARE ON THE RISE — Another week, another US agency joint advisory on ransomware. The...more
The Home Depot, Inc. (“Home Depot”) recently entered into a multi-state Assurance of Voluntary Compliance with Attorneys General of 46 states and the District of Columbia (the “Settlement”) stemming from a massive 2014 data...more
12/3/2020
/ Chief Information Security Officer (CISO) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Home Depot ,
Personal Information ,
Popular ,
Settlement ,
State Attorneys General
The New York State Department of Financial Services (“NYDFS”) has announced its first enforcement action of NYDFS’ Cybersecurity Regulation, Part 500 of Title 23 (“Cybersecurity Regulation”) against First American Title...more
The California AG’s office has dropped the long-awaited final CCPA Regulations, and requested expedited review from the Office of Administrative Law. If this request is granted, the regulations will be effective by July...more
Amidst multiple investigations into the privacy and security practices at Zoom Video Communications (“Zoom”), New York Attorney General Letitia James recently announced a settlement agreement with Zoom after the failings of...more
5/13/2020
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Department of Education ,
Facebook ,
Popular ,
Settlement Agreements ,
State Attorneys General ,
Videoconference ,
Virtual Meetings ,
Zoom®
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency.
The announcement from the Superintendent of Financial Services of the State...more
4/1/2020
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Compliance ,
Confidential Information ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Disclosure Requirements ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
Notice Requirements ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Risk Assessment ,
Risk Management ,
Third-Party Service Provider
With cases of the Novel Coronavirus (COVID-19) emerging in nearly every state, many businesses are taking swift action in an effort to curb its spread. Teleworking, “remote working,” or simply “working from home,” is a...more
3/17/2020
/ Bring Your Own Device (BYOD) ,
Business Continuity Plans ,
Centers for Disease Control and Prevention (CDC) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Protection ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Infectious Diseases ,
Phishing Scams ,
Popular ,
Public Health ,
Remote Working ,
Risk Management ,
Telecommuting
If you haven’t been paying attention to all the Microsoft warnings for the past year and your company is still running Windows 7, time’s up. After January 14, 2020, Microsoft will stop pushing out security updates to Windows...more
The Court of Justice of the European Union (CJEU) – the European Union’s equivalent to the US Supreme Court – has issued a very important ruling with respect to cookie compliance that may require re-evaluation of your cookie...more
10/3/2019
/ Cookies ,
Data Collection ,
Data Processors ,
Data Protection Authority ,
EU Data Protection Laws ,
European Court of Justice (ECJ) ,
Personal Data ,
Popular ,
Prior Express Consent ,
Social Media ,
Website Owner Liability ,
Websites
As we reported here, the final days of the 2019 California legislative session are winding down, with important amendments to the California Consumer Privacy Act (CCPA) still pending. In Thursday’s Senate session, AB 1130 was...more
They grow up so fast! A sentiment – and challenge – shared by parents and technologists alike. Just when you think you’ve finally figured it out, you blink, and they’re unrecognizable. The old rules can no longer be trusted...more
8/27/2019
/ COPPA ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Guidance Update ,
Mobile Apps ,
Online Safety for Children ,
Parental Consent ,
Personally Identifiable Information ,
Popular ,
Public Comment ,
Website Owner Liability ,
Websites
The California Legislature has returned from its summer recess and got right to work on the pending amendments to the California Consumer Privacy Act (CCPA). The Legislature has 30 days from today to send any amendments to...more
According to our CCPA Countdown Clock, we are 161 days and counting to the effective date of the California Consumer Privacy Act. The Mintz Privacy team is deeply involved in working with clients on developing compliance...more
Significant changes to the Massachusetts data breach notification law take effect on April 11, 2019. You can view the amendment here. If you haven’t looked at your written information security plan, or WISP, in a while, now’s...more
Recently, Amazon refused (registration required) to provide data from an Amazon Echo device in a case involving the a double homicide in response to an order issued by a New Hampshire state judge. Prosecutors believe that the...more
Recently, the Federal Trade Commission (“FTC”) announced that it has finalized its expanded settlement with ride-haling giant, Uber Technologies, Inc. (“Uber”) related to two major data breach incidents. The initial breach...more
11/16/2018
/ Consumer Information ,
Cybersecurity ,
Data Breach ,
Data Security ,
Federal Trade Commission (FTC) ,
Notification Requirements ,
Personally Identifiable Information ,
Popular ,
Reporting Requirements ,
Settlement Agreements ,
Third-Party Service Provider ,
Uber
Welcome to October! October 2018 marks the 15th year of the observance of National Cyber Security Awareness Month, a joint effort of the U.S. Department of Homeland Security and the National Cyber Security Awareness Alliance....more
Late last week the White House released its National Cyber Strategy, setting forth its approach to protecting U.S. critical infrastructure from global cyber threats. The National Cyber Strategy builds off of Executive Order...more
Manufacturers of wireless devices used for Internet of Things (IoT) applications should take heed of new Trump Administration proposals aimed at reducing the cybersecurity threats from botnets and other automated and...more
6/26/2018
/ Automation Systems ,
Bots ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Security ,
Department of Homeland Security (DHS) ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Internet of Things ,
Manufacturers ,
NIST ,
NTIA ,
Popular ,
Smart Devices ,
Software Developers ,
Trump Administration ,
Wireless Devices