On December 10, 2020, California Attorney General Xavier Becerra (California AG) released a fourth set of proposed modifications to the California Consumer Privacy Act (CCPA) regulations that went into effect on August 14,...more
On March 11, 2020, the California Attorney General, Xavier Becerra, (“California AG”) released a second set of modifications to the proposed regulations pursuant to the California Consumer Privacy Act of 2018 (“CCPA”). These...more
3/26/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Employee Benefits ,
Opt-In ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General ,
Statutory Interpretation
On February 7 and again on February 10, 2020, the California Attorney General Xavier Becerra released an updated draft of proposed regulations pursuant to the California Consumer Privacy Act of 2018 (“CCPA”). The updated...more
2/14/2020
/ Anti-Discrimination Policies ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Regulatory Agenda ,
Regulatory Requirements ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
Happy New Year! At long last, the California Consumer Privacy Act of 2018 (“CCPA”) went into effect yesterday, January 1, 2020. For those who have not yet heard, the CCPA establishes a comprehensive legal framework to govern...more
1/3/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Deletion ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Opt-In ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Right to Delete ,
State and Local Government
With the January 1, 2020 effective date of the California Consumer Privacy Act (the “CCPA”) rapidly approaching, all eyes have been on the California legislature’s consideration of a robust suite of amendments that would...more
10/21/2019
/ California Consumer Privacy Act (CCPA) ,
Class Action ,
Consumer Privacy Rights ,
Customer-Loyalty Programs ,
Cybersecurity ,
Data Breach ,
Data Brokers ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Employee Privacy Rights ,
New Amendments ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government ,
State Data Breach Notification Statutes
On October 10, 2019, the California Attorney General added to the complexity of the California Consumer Privacy Act of 2018 (“CCPA”) by releasing long-awaited proposed regulations that provide guidance on various elements of...more
10/16/2019
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Digital Service Providers ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Public Comment ,
Right to Delete ,
Rulemaking Process ,
State and Local Government
With the January 1, 2020 effective date of the California Consumer Privacy Act (the “CCPA”) rapidly approaching, all eyes have been on the California legislature’s consideration of a robust suite of amendments that would...more
9/18/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Exemptions ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Amendments ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government
Following in California’s footsteps, Nevada has passed a new privacy law providing consumers the right to opt out of the sale of their personal information. Senate Bill 220 (SB-220), signed into law by Governor Steve Sisolak...more
6/11/2019
/ Consumer Privacy Rights ,
Data Collection ,
Data Management ,
Data Protection ,
Data-Sharing ,
New Legislation ,
Online Platforms ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government ,
Statutory Requirements
In 2018, the California legislature made headlines with its game-changing data protection law: the California Consumer Privacy Act of 2018. ...more
3/19/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Legislation ,
State and Local Government
Yesterday, German federal and state (Länder) data protection authorities ("DPAs") issued a Position Paper following the recent Court of Justice of the European Union ("CJEU") ruling that struck down the EU-US Safe Harbor...more
10/27/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Cloud Computing ,
Cybersecurity ,
Data Privacy ,
Data Protection Authority ,
European Commission ,
European Court of Justice (ECJ) ,
Germany ,
International Data Transfers ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
US-EU Safe Harbor Framework
The European Court of Justice’s (CJEU) recent decision striking down the EU-US Safe Harbor framework has created significant marketplace uncertainty and left companies scrambling for alternative cross-Atlantic data transfer...more
10/20/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Compliance ,
Cybersecurity ,
Data Protection Authority ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
The European Court of Justice's (CJEU) recent decision striking down the EU-US Safe Harbor framework has created significant marketplace uncertainty and left companies scrambling for alternative cross-Atlantic data transfer...more
10/19/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Cybersecurity ,
Data Protection Authority ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
On October 6, California Governor Jerry Brown signed legislation updating California’s data breach notice statute for the third time in three years. The news was quickly overshadowed by the CJEU’s decision invalidating the...more
10/15/2015
/ Breach Notification Rule ,
Compliance ,
Corporate Counsel ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Incident Reporting ,
Data Breach ,
Data Protection ,
Encryption ,
European Court of Justice (ECJ) ,
Hackers ,
Incident Response Plans ,
International Data Transfers ,
New Legislation ,
Popular ,
Privacy Concerns ,
Privacy Laws ,
Right to Privacy ,
US-EU Safe Harbor Framework
Earlier this month, privacy and security professionals from around the globe gathered for “Privacy. Security. Risk. 2015”—the second joint conference between the International Association of Privacy Professionals and the...more
10/15/2015
/ Big Data ,
Cloud Computing ,
Compliance ,
Covered Entities ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Department of Health and Human Services (HHS) ,
Dropbox ,
Edward Snowden ,
Enforcement Actions ,
Ethics ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
FCC ,
Federal Trade Commission (FTC) ,
Google ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
International Data Transfers ,
Internet of Things ,
Ireland ,
Microsoft ,
National Security ,
National Security Agency (NSA) ,
OCR ,
Personal Data ,
Popular ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
Security Risk Assessments ,
US-EU Safe Harbor Framework
As we head into the end of 2015, state legislators across the country continue to strengthen, update and, in some instances, broaden the scope of their respective state data breach notification laws. Specifically, many...more
10/1/2015
/ Bank Accounts ,
Breach Notification Rule ,
Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Protection ,
Data Security ,
Debit Cards ,
Hackers ,
Passwords ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Legislation ,
Social Security Numbers