Emily Tabatabai

Emily Tabatabai

Orrick, Herrington & Sutcliffe LLP

Contact
View Bio
RSS

Latest Posts › Personally Identifiable Information

Share:

Playtime is Over for Apps Collecting Health‐Related Data – FTC Announces Intent to Enforce Health Breach Rule

The Federal Trade Commission ("FTC") recently announced its intent to "vigorously" enforce its 2009 Health Breach Notification Rule (the "Rule") via a policy statement that sheds light on the Rule's scope. The policy...more

9/24/2021  /  Application Programming Interface (APIs) , Cybersecurity , Data Collection , Data Privacy , Federal Trade Commission (FTC) , FTC Act , Health Insurance Portability and Accountability Act (HIPAA) , Mobile Apps , Mobile Health Apps , Personally Identifiable Information , Popular

Wait…CCPA 2.0? What Is the California Privacy Rights Act of 2020 and Will It Become Law?

On May 4, 2020, Californians for Consumer Privacy announced that it submitted over 900,000 signatures to qualify the California Privacy Rights Act of 2020 (“CPRA”) for California’s November 2020 ballot. With the California...more

5/22/2020  /  Ballots , California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Data Collection , Data Management , Data Privacy , Data Protection , Information Governance , Legislative Agendas , Personal Data , Personally Identifiable Information , Rulemaking Process , State and Local Government

California AG Releases More Modifications to CCPA Regulations

On March 11, 2020, the California Attorney General, Xavier Becerra, (“California AG”) released a second set of modifications to the proposed regulations pursuant to the California Consumer Privacy Act of 2018 (“CCPA”). These...more

3/26/2020  /  California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Data Collection , Data Privacy , Employee Benefits , Opt-In , Opt-Outs , Personal Data , Personally Identifiable Information , Privacy Laws , Privacy Policy , Rulemaking Process , State and Local Government , State Attorneys General , Statutory Interpretation

California Attorney General Releases Updated Drafts of Proposed CCPA Regulations

On February 7 and again on February 10, 2020, the California Attorney General Xavier Becerra released an updated draft of proposed regulations pursuant to the California Consumer Privacy Act of 2018 (“CCPA”).  The updated...more

2/14/2020  /  Anti-Discrimination Policies , California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Brokers , Data Collection , Data Management , Data Privacy , Data Protection , Information Governance , Opt-Outs , Personal Data , Personally Identifiable Information , Privacy Laws , Privacy Policy , Regulatory Agenda , Regulatory Requirements , Rulemaking Process , State and Local Government , State Attorneys General

The CCPA Is in Effect and It Is Not Too Late to Get Started in 2020

Happy New Year! At long last, the California Consumer Privacy Act of 2018 (“CCPA”) went into effect yesterday, January 1, 2020. For those who have not yet heard, the CCPA establishes a comprehensive legal framework to govern...more

1/3/2020  /  California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Collection , Data Deletion , Data Management , Data Privacy , Data Protection , Information Governance , Opt-In , Opt-Outs , Personal Data , Personally Identifiable Information , Privacy Laws , Right to Delete , State and Local Government

California Governor Signs CCPA and Breach Notification Statute Amendments into Law

With the January 1, 2020 effective date of the California Consumer Privacy Act (the “CCPA”) rapidly approaching, all eyes have been on the California legislature’s consideration of a robust suite of amendments that would...more

10/21/2019  /  California Consumer Privacy Act (CCPA) , Class Action , Consumer Privacy Rights , Customer-Loyalty Programs , Cybersecurity , Data Breach , Data Brokers , Data Collection , Data Management , Data Privacy , Data Protection , Employee Privacy Rights , New Amendments , Personal Data , Personally Identifiable Information , Privacy Laws , State and Local Government , State Data Breach Notification Statutes

Up for Interpretation: Proposed CCPA AG Regulations Open for Public Comment

On October 10, 2019, the California Attorney General added to the complexity of the California Consumer Privacy Act of 2018 (“CCPA”) by releasing long-awaited proposed regulations that provide guidance on various elements of...more

10/16/2019  /  California Consumer Privacy Act (CCPA) , Comment Period , Consumer Privacy Rights , COPPA , Cybersecurity , Data Collection , Data Management , Data Privacy , Data Protection , Digital Service Providers , Opt-Outs , Personal Data , Personally Identifiable Information , Privacy Laws , Privacy Policy , Public Comment , Right to Delete , Rulemaking Process , State and Local Government

The End of the California Legislative Session: Which CCPA Amendments Passed?

With the January 1, 2020 effective date of the California Consumer Privacy Act (the “CCPA”) rapidly approaching, all eyes have been on the California legislature’s consideration of a robust suite of amendments that would...more

9/18/2019  /  California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Brokers , Data Collection , Data Management , Data Privacy , Data Protection , Exemptions , Legislative Agendas , Personal Data , Personally Identifiable Information , Privacy Laws , Proposed Amendments , Regulatory Agenda , Rulemaking Process , State and Local Government

Nevada Passes Opt-Out Law, Effective October 2019 – Three Months Before the CCPA

Following in California’s footsteps, Nevada has passed a new privacy law providing consumers the right to opt out of the sale of their personal information. Senate Bill 220 (SB-220), signed into law by Governor Steve Sisolak...more

6/11/2019  /  Consumer Privacy Rights , Data Collection , Data Management , Data Protection , Data-Sharing , New Legislation , Online Platforms , Opt-Outs , Personally Identifiable Information , Privacy Laws , State and Local Government , Statutory Requirements

State Legislators Joining the Consumer Privacy Protection Party: Introduced CCPA-Like Bills

In 2018, the California legislature made headlines with its game-changing data protection law: the California Consumer Privacy Act of 2018. ...more

3/19/2019  /  California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Corporate Counsel , Cybersecurity , Data Collection , Data Privacy , Data Protection , Legislative Agendas , Personal Data , Personally Identifiable Information , Privacy Laws , Proposed Legislation , State and Local Government

Making Your Head Spin: “Clean Up” Bill Amends the California Consumer Privacy Act, Delaying Enforcement But Making Class...

The California Consumer Privacy Act of 2018 (the “CCPA” or the “Act”), which we reported on here and here continues to make headlines as the California legislature fast-tracked a “clean up” bill to amend the CCPA before the...more

9/5/2018  /  Attorney General , California Consumer Privacy Act (CCPA) , Consumer Protection Laws , Corporate Counsel , Data Breach , Personally Identifiable Information , Preemption , Private Right of Action , State and Local Government

Did California Open (Another) Floodgate for Breach Litigation?

Game-changing Calif. Consumer Privacy Act of 2018 puts statutory breach damages on the table - The recently-enacted California Consumer Privacy Act of 2018 is a game-changer in a number of respects. The Act imports...more

8/24/2018  /  Class Action , Cyber Attacks , Cybersecurity , Data Breach , Data Protection , Hackers , New Legislation , Personal Data , Personally Identifiable Information , Popular , Risk Management , State and Local Government , State Data Breach Notification Statutes

Cybersecurity & Privacy Predictions For 2018

Orrick of counsel Emily Tabatabai, a founding member of our Cybersecurity & Data Privacy team, recently spoke with Law360 regarding cybersecurity and privacy predictions for 2018. Emily discussed the inherent privacy and...more

1/3/2018  /  Cyber Attacks , Cyber Crimes , Cyber Insurance , Cyber Threats , Cybersecurity , Data Breach , Data Protection , Internet of Things , Personal Data , Personally Identifiable Information , Risk Management

2016 Data Breach Legislation Roundup: What to Know Going Forward

States were busy updating their data breach notification statutes in 2016. With 2016 in the rear view, let’s take a look back at the legislative changes that will impact corporate incident response processes and what those...more

1/27/2017  /  Automatic License Plate Readers , Biometric Information , Breach Notification Rule , Cybersecurity , Data Breach , Encryption , Personally Identifiable Information , Popular

Is Ransomware a Notifiable Data Breach Event?

There is no doubt that companies face unprecedented volume and variation in both disruptive and intrusive cyberattacks on their networks. Among the different attack methodologies today, ransomware is quickly becoming a major...more

7/29/2016  /  Breach Notification Rule , Cyber Attacks , Cyber Crimes , Cyber Threats , Cybersecurity , Hackers , Health Insurance Portability and Accountability Act (HIPAA) , Malware , Notification Requirements , OCR , Personally Identifiable Information , PHI , Popular , Ransomware

7th Circuit Revives P.F. Chang’s Data Breach Class Action Suit

Last week, the Seventh Circuit revived a data breach class action against P.F. Chang’s restaurant in an important opinion that continues a plaintiff-friendly trend that began with the court’s opinion in the Neiman Marcus case...more

4/21/2016  /  Class Action , Corporate Counsel , Data Breach , Identity Theft , Neiman Marcus , Notification Requirements , Personally Identifiable Information , PF Chang's , Popular , Standing

Tennessee Amends Breach Notice Statute: Sets Notice Deadline, Eliminates Encryption Safe Harbor

Tennessee recently amended its data breach notification law, and in doing so, it has joined the ranks of states like Florida, Ohio, and Wisconsin that require notification to residents of a data breach within a defined time...more

4/4/2016  /  Amended Legislation , Corporate Counsel , Cyber Attacks , Data Breach , Data Protection , Encryption , Notification Requirements , Personally Identifiable Information , Risk Management

PRIVACY POLICIES AND THE SALE OF CORPORATE ASSETS: It pays to plan ahead to preserve the value of your data assets

Personal data is a valuable corporate asset. At times, the personal information collected from customers (such as email address, mailing address, phone number, etc.) can be a company’s most valuable asset. Unfortunately,...more

10/20/2015  /  Bankruptcy Code , Chapter 11 , Commercial Bankruptcy , Customer Lists , Cyber Attacks , Cyber Crimes , Data Breach , Data Collection , Data Privacy , Data Protection , Digital Assets , Disney , Enforcement Actions , Facebook , Federal Trade Commission (FTC) , Google , Hackers , MySpace , Opt-Outs , Personal Data , Personally Identifiable Information , Privacy Policy , RadioShack , Sale of Assets , Snapchat , WhatsApp

Notifying Parties In Username/Password Breaches . . . It’s Not Just the Law

As we head into the end of 2015, state legislators across the country continue to strengthen, update and, in some instances, broaden the scope of their respective state data breach notification laws. Specifically, many...more

10/1/2015  /  Bank Accounts , Breach Notification Rule , Credit Cards , Cyber Attacks , Cyber Crimes , Cybersecurity , Data Breach , Data Breach Plans , Data Protection , Data Security , Debit Cards , Hackers , Passwords , Personally Identifiable Information , Privacy Laws , Proposed Legislation , Social Security Numbers

Mobile Apps Remain Regulatory Focus as FTC Enforces Data Privacy of Popular Program

The provider of the immensely popular “Brightest Flashlight Free” mobile app for Android reached a settlement with the Federal Trade Commission (FTC) over charges that it collected sensitive personal information, including...more

12/9/2013  /  Data Collection , Data Protection , Disclosure Requirements , Enforcement Actions , Federal Trade Commission (FTC) , Mobile Apps , Personally Identifiable Information , Settlement , Terms of Use

California Enacts Several Pieces of New Privacy Legislation

California is continuing to blaze new trails in the area of online data privacy. Gov. Jerry Brown recently signed into law several new pieces of privacy legislation. The new laws affect all operators of commercial Web sites...more

10/4/2013  /  CalOPPA , Data Breach , Data Collection , Data Protection , Disclosure Requirements , Do Not Track , Notice Requirements , Personally Identifiable Information , Right to Delete , Websites

California Introduces “Right to Know” Privacy Law, Seeking to Increase Transparency

California Assembly Member Bonnie Lowenthal recently introduced the “Right to Know Act of 2013” (AB1291) in the California State Assembly. If passed, this legislation would allow U.S. consumers unprecedented access to...more

4/15/2013  /  Disclosure Requirements , Personally Identifiable Information , Proposed Legislation , Right To Know , Sensitive Business Information

FTC Assesses $800,000 Fine Against Mobile App Operator and Issues Mobile Privacy and Security Guidance

The Federal Trade Commission has emphasized in the past that general privacy protections in the website space apply equally to mobile services, but a new FTC Staff Report released on Friday hones in on some privacy...more

2/11/2013  /  Address Book , App Developers , COPPA , Data Collection , Data Protection , Federal Trade Commission (FTC) , Mobile Apps , Notice Requirements , Parental Consent , Path Inc. , Personally Identifiable Information , Privacy Policy , Settlement , Social Networks , Transparency
23 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide