On October 30, 2023, President Biden signed the 53-page Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence that significantly advances the United States' policy framework...more
11/17/2023
/ Algorithms ,
Artificial Intelligence ,
Biden Administration ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Equity ,
Executive Orders ,
Innovative Technology ,
Machine Learning ,
National Security ,
OMB ,
Popular ,
Regulatory Agenda ,
Regulatory Oversight
On June 18, 2023, Texas Governor Greg Abbott signed H.B. 4, otherwise known as the Texas Data Privacy and Security Act (TDPSA). Following substantive legislative action in Tennessee, Montana, and Indiana, Texas now becomes...more
7/19/2023
/ Consumer Privacy Rights ,
Data Privacy ,
Data Protection Acts ,
Data Security ,
Governor Abbott ,
New Legislation ,
New Regulations ,
Regulatory Agenda ,
Regulatory Reform ,
State and Local Government ,
State Data Privacy Laws ,
State Privacy Laws ,
Texas
As we previously discussed, earlier this year the National Institute of Standards and Technology (NIST) launched the Trustworthy and Responsible AI Resource Center. Included in the AI Resource Center is NIST’s AI Risk...more
7/6/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Hardware ,
Information Governance ,
Machine Learning ,
NIST ,
Raw Data Metrics ,
Reliability Standards ,
Risk Management ,
Safety Standards ,
Software ,
Third-Party ,
Transparency ,
Validation and Re-Validation Requirements
On May 4, 2022, the Connecticut legislature passed S.B. 6 entitled the “Connecticut Data Privacy Act” (CDPA) with the bill now moving to Governor Ned Lamont’s desk for signature. Although Governor Lamont is generally expected...more
5/6/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Connecticut ,
Data Privacy ,
Data Security ,
DPPA ,
Enforcement ,
Fair Credit Reporting Act (FCRA) ,
FERPA ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Opt-Outs ,
Personal Data ,
Right-To-Access ,
Securities Exchange Act of 1934 ,
Sensitive Personal Information ,
State Data Privacy Laws
On August 15, 2021, a number of media outlets indicated that T-Mobile was investigating a data breach that may have included the names, date of births, phone numbers, T-Mobile account pins, Social Security numbers, and...more
On August 20, 2020, Uber’s former Chief Security Officer, Joe Sullivan, was charged by the U.S. Department of Justice (DOJ) with obstruction of justice and concealing a felony for allegedly trying to cover up a 2016...more
On March 19, 2020, the European Data Protection Board (EDPB) adopted a statement on the processing of personal data in the context of the COVID-19 outbreak. The EDPB made it clear that while the EU’s General Data Protection...more
New York State has enacted S5575, the Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”). This new law amends New York General Business Code 899-aa and adds Section 899-bb to significantly expand consumer...more
9/30/2019
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Personally Identifiable Information ,
SHIELD Act ,
State Attorneys General ,
State Data Breach Notification Statutes
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
This past Friday the 13th was not a lucky day for the Federal Trade Commission (FTC). An Administrative Law Judge (ALJ) dismissed the FTC’s data security enforcement proceeding against LabMD on the grounds that the FTC failed...more
On October 6, 2015, California Governor Jerry Brown signed into law several changes to California’s Data Breach Notification Statute. The law, as amended, adds additional categories of information into the definition of...more
10/12/2015
/ Breach Notification Rule ,
Consent ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Encryption ,
Governor Brown ,
New Legislation ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Third-Party ,
Websites
On October 6, 2015, the European Court of Justice — Europe’s highest court — invalidated the Safe Harbor agreement and framework that has permitted more than 4,000 companies to transfer personal data from the EU to the U.S....more
10/7/2015
/ Binding Corporate Rules ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
International Data Transfers ,
National Security Agency (NSA) ,
Personal Data ,
Prior Express Consent ,
PRISM Program ,
SCC ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
Not coincidentally, on July 21, 2015, Wired Magazine published an article with groundbreaking evidence of hacking a car wirelessly, and Senators Edward Markey (D-Mass.) and Richard Blumenthal (D-Conn.) introduced legislation...more
7/24/2015
/ Automotive Industry ,
Cloud Computing ,
Cyber Attacks ,
Cybersecurity ,
Dashboard ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Federal Trade Commission (FTC) ,
Hackers ,
Internet of Things ,
NHTSA ,
Personally Identifiable Information ,
Proposed Legislation ,
Safety Standards ,
Transparency ,
Wireless Technology