Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
The Personal Information Protection Act ("PIPA") comes into full force on 1 January 2025. All organisations in Bermuda are expected to be in compliance with it by that date – time is running out! The Privacy Commissioner...more
Late last month, the Association of Corporate Counsel (ACC) hosted a panel on artificial intelligence and how it is rapidly transforming the life sciences sector, allowing companies to leverage large datasets to accelerate...more
This breakout series will discuss the latest U.S. privacy compliance programs, and how trends such as sale opt-out and cookie banners are part of the “data revolution”. The series will also cover the intersection of...more
The Delaware Personal Data Privacy Act (DPDPA or Act) became law on September 11, 2023, making Delaware the 13th state to enact a comprehensive consumer data privacy law, joining California, Virginia, Colorado, Connecticut,...more
As with many websites, hospitals often deploy third-party analytics tools to measure browser traffic in order to increase awareness of their websites, ensure website optimization and provide health care information to the...more
On March 29, 2023, California’s Office of Administrative Law (OAL) approved the California Privacy Protection Agency (CPPA) Board’s initial package of regulations under the California Privacy Rights Act (CPRA)....more
Last year, Virginia became the second state (after California) to enact a consumer privacy law. That law, the Virginia Consumer Data Protection Act (VCDPA), went into effect on January 1, 2023....more
The start of 2023 has brought with it significant changes to data privacy – new state laws concerning data privacy came into effect January 1 (the California Privacy Rights Act and the Virginia Consumer Data Protection Act),...more
European data protection authorities kicked 2023 off with a bang when, on January 4, the Irish Data Protection Commission (DPC) announced that Meta Platforms Ireland would be fined a total of €390 million (roughly $414...more
As we ring in the new year, employers around the country will be bringing in new or updated employee privacy notices. And while these notices were initially targeted to California employees because of privacy requirements...more
The so-called “HR exemption” taking employee and applicant personal information out of the control of the California Consumer Privacy Act (CCPA) is about to come to an end. Employers who are “businesses” for purposes of the...more
The Colorado Attorney General’s Office issued its proposed Colorado Privacy Act (CPA) Rules (Draft Rules) on Friday, September 30. The CPA Rules differ in many ways from those in the proposed California Privacy Rights Act...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
Over the last two years, many states have taken cues from California and the EU by adopting sweeping privacy laws. These laws, passed in Virginia, Colorado, Connecticut and Utah, as well as updates to the already enacted...more
Keypoint: The comments focus on identifying areas in which the Attorney General’s Office may provide additional clarity to consumers and businesses and to ensure, where appropriate, the interoperability of the Colorado...more
The California Privacy Protection Agency (CPPA) quietly issued the first draft of the California Consumer Privacy Act (CPRA) regulations and an Initial Statement of Reasons by attaching them to the June 8 board meeting...more
In an opinion released on March 10, 2022, California Attorney General Rob Bonta addressed the applicability of the “right to know” under the California Consumer Privacy Act (CCPA) (pdf) to internal inferences that...more
When can a data breach get worse? When the process of notifying victims creates a second breach. Take the example of a cancer treatment center that recently paid $425,000 to settle allegations that included a faulty...more
Starting in January of 2023, businesses subject to California Privacy Rights Act (CPRA), may be required to publish the retention periods for all categories of personal and sensitive information they collect, manage, store,...more
Last month, California Governor Gavin Newsom signed Senate Bill 41, the Genetic Information Privacy Act (“GIPA”), a law that regulates “direct-to-consumer genetic testing companies” that handle the “genetic data” of...more
On October 6, 2021, Apple announced that the requirement that applications that allow users to create an account must also enable users to initiate deletion of their accounts from within the application will go into effect on...more
Since its enactment just over a year ago, some companies have struggled to interpret the California Consumer Privacy Act (CCPA) and the circumstances that might subject them to penalties and fines for violations. In an effort...more
On Tuesday, June 15, 2021, a French court ordered IKEA to pay 1 million euros ($1.2 million) for spying on its employees in France. The allegations included reviewing employees' bank account records, using fake employees to...more
COVID-19 drove many formerly in-person interactions onto a variety of video conferencing platforms. But as millions of vaccinations are administered each day, and case numbers decline, it’s now possible to imagine and plan...more
Germany’s largest consumer protection organisation calls on Clubhouse operator Alpha Exploration Co. to cease and desist from illegal business practices and data protection violations. According to a statement by the...more