Shook Weighs in on Updated CCPA Regulations -
In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more
3/10/2020
/ Biometric Information ,
Board of Directors ,
C-Suite Executives ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
Consumer Privacy Rights ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Protection Commissioner ,
Data Security ,
EHealth ,
EIOPA ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
International Data Transfers ,
Ireland ,
LabMD ,
New Guidance ,
OCR ,
Opt-Outs ,
Personal Information ,
PHI ,
Popular ,
Privacy Laws ,
Proposed Legislation ,
Right to Delete ,
Third-Party Service Provider ,
Underwriting
States Consider Privacy and Data Security Legislation -
It’s that time of year again, when we see a flood of legislative activity at the state level on privacy and data security laws. A couple of recent examples are below....more
1/30/2020
/ Class Action ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Equifax ,
EU-US Privacy Shield ,
Expedia ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Google ,
Information Commissioner's Office (ICO) ,
Information Governance ,
Legislative Agendas ,
Marriott ,
Motion to Dismiss ,
Online Safety for Children ,
Orbitz ,
Personal Data ,
Privacy and Electronic Communications Regulation 2003 (PECR). ,
Proposed Legislation ,
Regulatory Violations ,
Settlement ,
State and Local Government ,
UK
EU Court Allows Class Action to Proceed, Sets Precedent for Future Data Breach Class Actions -
A class action brought against Google will be allowed to move forward after the plaintiff’s appeal was permitted, allowing him to...more
11/20/2019
/ California Consumer Privacy Act (CCPA) ,
Cayman Islands ,
Class Action ,
Comment Period ,
Compliance Management Systems ,
Consent ,
Cookies ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Data Protection Acts ,
Data Security ,
e-Privacy Directive ,
Electronic Protected Health Information (ePHI) ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Google ,
HIPAA Breach ,
Ireland ,
New Guidance ,
New Legislation ,
Notification Requirements ,
OCR ,
Personal Data ,
Popular ,
Regulatory Agenda ,
Regulatory Violations ,
Web Browsers ,
Web Tracking
California Adds Biometric Restrictions to Data-Breach Law, Potentially Creating a De Facto Biometric Privacy Law
Subject to the governor’s signature, California’s breach-notification law will gain additional requirements...more
9/25/2019
/ Biometric Information ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Consent ,
COPPA ,
Data Breach ,
Data Collection ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
FCC ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Interactive Advertising Bureau ,
ISO ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Proposed Legislation ,
Robocalling ,
Settlement Agreements ,
TCPA ,
Transparency ,
YouTube
French Data Protection Authority Issues Guidelines on Cookie Use -
CNIL, France’s data protection authority, has released new rulesfor obtaining consumer consent under the GDPR for companies using cookies and other tracking...more
8/6/2019
/ CNIL ,
Cookies ,
COPPA ,
Data Breach ,
Data Protection Authority ,
Equifax ,
EU ,
Facebook ,
Federal Trade Commission (FTC) ,
France ,
General Data Protection Regulation (GDPR) ,
Information Technology ,
International Data Transfers ,
New Guidance ,
Popular ,
Prior Express Consent ,
Privacy Laws ,
Settlement Agreements ,
SHIELD Act ,
Singapore ,
State Data Breach Notification Statutes ,
Website Owner Liability
British Data Protection Authority Flexes GDPR Enforcement Muscles -
No longer is the bark of sanctions for lax data protection practices worse than its bite. The Information Commissioner’s Office (ICO)—the United Kingdom's...more
7/17/2019
/ British Airways ,
Cybersecurity ,
Data Breach ,
Data Security ,
Enforcement Actions ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Marriott ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
UK
The California Consumer Privacy Act: The Next Frontier -
The California Consumer Privacy Act (CCPA) has been called the beginning of America’s GDPR. As the most comprehensive privacy law in the United States, entities...more
6/5/2019
/ Algorithms ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Damages ,
Data Breach ,
Data Privacy ,
Fines ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
State and Local Government ,
State Data Breach Notification Statutes ,
TCPA
Florida Introduces BIPA Legislation -
A Florida state senator has introduced an identical version of the Illinois Biometric Information Privacy Act (BIPA)....more
3/25/2019
/ Aetna ,
Biometric Information ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
CNIL ,
Competition ,
COPPA ,
Data Breach ,
Data Collection ,
Data Privacy ,
Enforcement Actions ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Fingerprints ,
General Data Protection Regulation (GDPR) ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Proposed Amendments ,
Proposed Legislation ,
State and Local Government
Google Receives Record GDPR Fine -
Marking the first major penalty against a U.S. tech company under the General Data Protection Regulation (GDPR), the French data-protection authority, CNIL, has fined Google a record $57...more
2/7/2019
/ Antitrust Violations ,
California Consumer Privacy Act (CCPA) ,
CNIL ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Derivative Suit ,
Enforcement Actions ,
EU ,
Facebook ,
Federal Trade Commission (FTC) ,
France ,
General Data Protection Regulation (GDPR) ,
Google ,
Government Shutdown ,
Huawei ,
International Data Transfers ,
Japan ,
Obstruction of Justice ,
Popular ,
Proposed Amendments ,
Regulatory Oversight ,
Regulatory Violations ,
State and Local Government ,
Trade Secrets ,
UK Brexit ,
Wire Fraud ,
Yahoo!
Going Deep on the California Consumer Privacy Act -
The California Consumer Privacy Act (CCPA) has been called the beginning of America’s GDPR. As the most comprehensive privacy law in the United States, entities doing...more
1/29/2019
/ Article III ,
Biometric Information ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Certiorari ,
Class Action ,
Consumer Privacy Rights ,
Cy Pres Funds ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
De Minimis Claims ,
Encryption ,
EU-US Privacy Shield ,
Facebook ,
Frank v Gaos ,
General Data Protection Regulation (GDPR) ,
Google ,
Invasion of Privacy ,
Marriott ,
Medical Records ,
Personally Identifiable Information ,
Popular ,
SCOTUS ,
Standing ,
Web Tracking ,
Wifi