Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
Turning up the Heat – A Look at the FTC’s Groundbreaking Fine Against Bankrupt Digital Asset Services Provider Celsius Network LLC - The Crypto Exchange Podcast
CFPB's Section 1071 Final Rule (Part 3): Potential Problem Areas – The Consumer Finance Podcast
Video: Introduction: A Deep Dive into Privacy
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
The Texas Data Privacy and Security Act (“TDPSA” or the “Act”) came into effect on July 1, 2024. The TDPSA applies to any person who (i) conducts business in the state of Texas or produces a product or service consumed by...more
On April 17, 2024, Nebraska Governor Jim Pillen signed the Nebraska Data Privacy Act (the "Act"), which takes effect on January 1, 2025. The Act maps in large part to the Texas Data Privacy and Security Act. Like Texas, the...more
As U.S. states continue to pass data privacy legislation, Maryland has gone above and beyond in signing both the Maryland Online Data Privacy Act of 2024 (MODPA) and the Maryland Age Appropriate Design Code (HB 603/SB...more
On January 8, 2024, New Jersey’s State Legislature passed the Disclosure and Accountability Transparency Act (the “Data Act”). Following Governor’s signature within 45 days, the Data Act would take effect one (1) year after...more
The Tennessee Information Protection Act (TIPA) passed unanimously through both houses of the Tennessee legislature and was signed by Governor Bill Lee on May 11, 2023. Tennessee joins seven states in enacting a comprehensive...more
Virginia Gov. Ralph Northam recently signed the Virginia Consumer Data Protection Act (VCDPA) into law, making Virginia the second state, following California, to adopt comprehensive consumer data privacy legislation. ...more
As was previously written, last fall New York enacted the "Stop Hacks and Improve Electronic Data Security Act" (SHIELD ACT), which required businesses having private information of New York residents to implement a written...more
Effective October 23, 2019 for changes in data breach notification requirements, and March 21, 2020 for new data security requirements, New York’s “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act) broadens...more
Privacy issues implicate several Bankruptcy Code sections and Bankruptcy Rules. The debtor must also comply with non-bankruptcy rules concerning privacy to the extent that such rules are not inconsistent with the Bankruptcy...more
Key Takeaways - - Personal information subject to New York’s breach notification law now includes biometric data, online credentials and account numbers (even without a PIN/code if the account could be used without those). ...more
As we explained in our last alert, California’s new comprehensive data privacy law is to take effect on January 1, 2020. For companies subject to this law, compliance will require a substantial investment of time, effort,...more
Introduction - The Ohio Data Protection Act comes into effect November 1, 2018. The law is important for business data holders because it grants them a defense if a data breach occurs and the company can prove it had a...more
California enacted the California Consumer Privacy Act on June 28, 2018. This law broadly expands the rights of California residents in their personal information collected through online means. The law imposes requirements...more
On June 28, 2018, California enacted the California Consumer Privacy Act of 2018 (CCPA), a sweeping privacy law that provides consumers with broad notice, access, and deletion rights concerning many types of personal...more
This is the second in a two-part series addressing recent developments in state privacy and data security laws. This article addresses new laws about student privacy, enforcement/ punishment for data privacy and security...more
In many respects, 2016 has been a remarkable year, but one constant with recent history is that multiple states (six this year) amended their breach notification statutes. As is commonly stated, the U.S. ...more
Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more
On May 6, 2016, Illinois joined a growing number of states that have strengthened their data breach notification requirements and expanded the definition of protected personal information. Effective January 1, 2017, HB1260...more
On May 6, 2016, Illinois Governor Bruce Rauner signed HB1260, which significantly updates the state’s Personal Information Protection Act. The changes take effect on January 1, 2017. When the new law becomes effective,...more
Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more
I. Legal Exposure to Federal and State Privacy Laws - A. Federal Statutes and Enforcement - 1. Federal Trade Commission Act, 15 U.S.C. §§ 41-58 - The Federal Trade Commission (FTC) has emerged as the leading...more
In light of numerous recent data breaches, cybersecurity has emerged as an issue impacting organizations ranging from the local hardware store to the largest multi-national firms in the world. In short, no industry is immune...more
April saw amendments to Washington State's and North Dakota's breach notification statutes. In a prior Orrick Alert, we discussed some of the implications from the proposed data breach notification amendments in...more