In an era where technology is rapidly reshaping industries, AI stands at the forefront, promising unparalleled efficiency and innovation. But as AI tools become integral to business operations, the need for robust AI...more
9/17/2024
/ Artificial Intelligence ,
Data Privacy ,
Information Governance ,
Machine Learning ,
NIST ,
OECD ,
Process Improvement ,
Regulatory Requirements ,
Risk Assessment ,
Risk Mitigation ,
Strategic Planning
The Massachusetts’ Consumer Privacy in Commercial Transactions Act (the “Act”) limits companies’ ability to request and collect personal identification information (“PII”) that is not required for a transaction. The Act does...more
8/14/2024
/ CAN-SPAM Act ,
Data Collection ,
E-Commerce ,
Email ,
FTC Act ,
Internet Retailers ,
Marketing ,
Opt-Outs ,
Personal Data ,
Retailers ,
Song-Beverly Credit Card Act ,
UDAP ,
Unfair or Deceptive Trade Practices
While some states have existing laws governing certain aspects of the use of AI, on May 17, Colorado became the first state to enact comprehensive artificial intelligence (AI) legislation. Senate Bill 24-205, “Concerning...more
We’re halfway through 2024. Are you wondering what you need to think about for your privacy program in the rest of 2024? At the federal level, at the time of this alert, the American Privacy Rights Act remains at the...more
Anyone who has ever browsed Instagram® or TikTok® (or any parent with phone-addicted kids) realizes that music is an integral part of short-form video social media. Content creators record a few minutes or even a few seconds...more
11/9/2023
/ Advertising ,
Affirmative Defenses ,
Brand ,
Copyright ,
Copyright Infringement ,
Copyright Litigation ,
Fair Use ,
Influencers ,
Instagram ,
Music ,
Music Industry ,
Musical Sound Recordings ,
Online Advertisements ,
Social Media ,
Social Networks ,
Sony ,
Terms of Use ,
TikTok
Join industry leaders and legal professionals as they step through a cyber incident response scenario and give real-time perspectives from the viewpoint of forensic investigation and mitigation, legal, cyber insurance, and...more
10/12/2023
/ Crisis Management ,
Cyber Attacks ,
Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Events ,
Incident Response Plans ,
Risk Mitigation
California was the first US state with a comprehensive privacy law the California Consumer Privacy Act (“CCPA”), 4 more states followed with omnibus privacy laws effective this year and state legislatures passed 8 more this...more
10/11/2023
/ Advertising ,
Behavioral Advertising ,
Continuing Legal Education ,
Cookies ,
Data Privacy ,
Demand Letter ,
Events ,
Invasion of Privacy ,
Personal Data ,
Privacy Laws ,
Risk Mitigation ,
Targeted Digital Advertising ,
Web Tracking ,
Websites ,
Wiretapping
The Delaware Personal Data Privacy Act (DPDPA) takes effect January 1, 2025. Delaware generally followed the Connecticut model, but has some unique terms. We provide a non-exhaustive list of some of Delaware’s requirements...more
On July 10, 2023, the EU Commission approved the EU-U.S. Data Privacy Framework (“EU-US DPF”) as a valid transfer mechanism for sharing personal data from European Economic Area countries (those in the EU plus Iceland,...more
7/13/2023
/ Adequacy Requirement ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
Framework Agreement ,
Iceland ,
International Data Transfers ,
Liechtenstein ,
Norway ,
Popular ,
Self-Certification ,
Switzerland ,
UK
Connecticut’s privacy law takes effect on July 1, with some key changes after the governor signed Senate Bill 3 on June 26. Some portions of the amendments concerning newly defined “consumer health law” will have immediate...more
US state legislatures continue to consider and pass consumer privacy laws. Many of them have similarities, but they also have significant differences. The divergence in the laws can create issues in your data strategy and...more
The Colorado Privacy Act (CPA) and the Connecticut Data Privacy Act (CTDPA) take effect on July 1, 2023. The CPA regulations take effect at the same time. And if you are subject to California’s laws, this is the enforcement...more
New omnibus privacy laws are coming to Virginia, Colorado, Utah, and Connecticut in 2023. Updates to California’s existing privacy law arrive in 2023 too. Don’t wait to implement your compliance updates as it could require...more
This article amends our prior article on new US state omnibus privacy laws coming in 2023: January 1: the California Consumer Privacy Rights Act (which amends the existing CCPA) (CPRA) and the Virginia Consumer Data...more
New omnibus privacy laws are coming to Virginia, Colorado, and Utah in 2023. Updates to California’s existing privacy law are coming in 2023 too....more
Utah has just become the fourth state to pass an omnibus consumer privacy law. The Utah Consumer Privacy Act (“UCPA”) was signed into law on March 24, 2022.
UCPA is modeled after Virginia’s Consumer Data Protection Act...more
As noted in our intro alert for this series, new omnibus privacy laws are coming to Virginia and Colorado and California’s existing comprehensive privacy law has been further modified by the CPRA. Don’t wait to implement your...more
This article starts the 11-month countdown to develop business compliance strategies for three new omnibus privacy laws coming in 2023: January 1: the California Consumer Privacy Rights Act (which amends the existing CCPA)...more
Florida and California join a growing minority of states enacting laws protecting a person’s genetic information (Nevada and Alaska also have laws). Florida’s new genetic privacy law, known as Protecting DNA Privacy Act, went...more
Colorado’s governor, Jared Polis, signed the Colorado Privacy Act (“CPA”) into law on July 7th, 2021.
Colorado joins California and Virginia as the third state with a comprehensive privacy law in the United States. ...more
Top 3 Takeaways -
On Friday, June 4, 2021, the European Commission adopted two sets of standard contractual clauses, one for use between controllers and processors and one for the transfer of personal data to “third...more
On March 2, 2021, Governor Northam made Virginia the second state in the U.S. to enact a comprehensive privacy law, Virginia's Consumer Data Protection Act (CDPA). We will follow-up with more discussion on how this impacts...more
The recent hack against FireEye and the U.S. Treasury and Commerce Department affected SolarWinds software for more than 18,000 software users including mostly private company clients in addition to the famously affected...more
The recent hack against FireEye and the U.S. Treasury and Commerce Department affected SolarWinds software for other clients as well (not limited to the U.S. government). SolarWinds has confirmed a cyberattack to its systems...more
Today, July 16, 2020, the EU’s top court, the Court of Justice of the European Union (CJEU), issued its highly anticipated decision in the Schrems II case. In doing so, CJEU has invalidated the EU-US Privacy Shield Framework...more