While the term “dark patterns” is not new, it has recently been getting a more attention, not least because the newly passed California Privacy Rights Act (“CPRA”) will regulate dark patterns. In this article, we will focus...more
Voters in California have passed Proposition 24, commonly referred to as the California Privacy Rights Act of 2020 (“CPRA”). Less than a year after the CCPA became effective, the voters’ approval of the CPRA will provide...more
11/9/2020
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Popular
More prevalent than ever before, Internet of Things (“IOT”) devices, a term that includes connected “smart” devices, such as internet connected TVs, wearables, smart speakers, such as the Amazon Echo and Google Home, are fast...more
In a proposed class action lawsuit filed in the U.S. District Court for the Northern District of California, Google is facing a potential $5 billion class action for alleged privacy law violations. The complaint alleges that...more
6/22/2020
/ CIPA ,
Class Action ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Google ,
Invasion of Privacy ,
Popular ,
Websites ,
Wiretap Act
The Coronavirus Aid, Relief and Economic Security (“CARES”) Act has created a flurry of far reaching considerations for affected businesses, ranging from tax, employment, and even telehealth. Beyond these issues, businesses...more
We recently provided some insights regarding how countries across the world are using data to fight COVID-19. The United States Senate, Committee on Commerce, Science, and Transportation, has recently conducted a hearing...more
With the advent of COVID-19, countries around the world are facing a novel challenge that affects them in unprecedented ways economically, socially, and otherwise. From a public health perspective, now perhaps more than ever...more
We previously provided insights into this important portion of the regulations... In this installment we address important revisions provided by the AG’s office to Article 3 of these regulations, several of which will have...more
With the CCPA having just become effective January 1st, 2020, affected entities and consumers may not have expected that actions are already being taken to dramatically amplify the consumer protections put in place by the...more
Within Article 3 (pages 10-18), the regulations detail important requirements that every business must follow when providing and fulfilling consumer rights under the CCPA. These areas include...more
10/18/2019
/ Best Practices ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Opt-Outs ,
Personally Identifiable Information ,
Proposed Regulation ,
Recordkeeping Requirements ,
Regulatory Agenda ,
Right to Delete ,
State Attorneys General
The California Attorney General’s office (CA AG) has published the long-awaited implementing regulations to the California Consumer Privacy Act (CCPA). In addition to the regulations, the CA AG also released a Notice of...more
Interested parties and privacy professionals have all been anxiously awaiting how legislative activity would shake out before the California Consumer Privacy Act (“CCPA”) is implemented January 1, 2020. Now that the dust has...more
9/23/2019
/ Amended Legislation ,
B2B Organizations ,
B2B Transactions ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Governor Newsom ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Private Right of Action
Welcome to July. While the California Consumer Protection Act (“CCPA”) is certainly one of the most important pieces of privacy legislation affecting many businesses today, we want to remind our readers of another California...more
7/2/2019
/ Artificial Intelligence ,
Bots ,
Business & Professions Code ,
Disclosure Requirements ,
False Advertising ,
Goods or Services ,
Internet of Things ,
Safe Harbors ,
Telecommunications ,
VoIP ,
Website Owner Liability
On the heels of the passing one of the nation’s leading pieces of privacy legislation, the California Consumer Privacy Protection Act (“CCPA”), Governor Newsom, used his first “State of the State” address, to highlight his...more
The California Attorney General’s Office (CAGO) is conducting a series of public hearings around the state to gather input on the California Consumer Privacy Act of 2018 (CCPA). We attended the CAGO’s January 25th, 2019...more
Recently, Oath, a wholly-owned subsidiary of Verizon Communications agreed to pay $4.95 million to settle charges from the New York attorney general’s office that the company’s online advertising business was violating...more
Recently, Amazon refused (registration required) to provide data from an Amazon Echo device in a case involving the a double homicide in response to an order issued by a New Hampshire state judge. Prosecutors believe that the...more
California continues to lead the nation in cybersecurity and privacy legislation on the heels of the recent California Consumer Privacy Act of 2018 (“CCPA”). Governor Brown recently signed into law two nearly identical bills,...more
10/4/2018
/ Acquisitions ,
California Consumer Privacy Act (CCPA) ,
Connected Items ,
Consumer Privacy Rights ,
Cybersecurity ,
Governor Brown ,
Manufacturers ,
Mergers ,
Personally Identifiable Information ,
Privacy Laws ,
Private Right of Action
June 28, 2018 will be a watershed day in the history of U.S. data privacy legislation. California has become the first state to move away from the U.S. approach of legislating data privacy in slow bits. Yesterday, both houses...more
6/29/2018
/ Consumer Protection Laws ,
Data Collection ,
General Data Protection Regulation (GDPR) ,
Governor Brown ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Portability ,
Private Right of Action ,
Right to Be Forgotten ,
State and Local Government
Recently, a new bill was signed by Colorado Governor John Hickenlooper, creating far reaching new requirements for entities that collect or maintain personal identifying information of Colorado residents. These requirements,...more
6/7/2018
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Governor Hickenlooper ,
New Legislation ,
Notice Requirements ,
Personally Identifiable Information ,
Popular ,
State and Local Government ,
State Data Breach Notification Statutes
Letter from the Editors -
As Tolstoy once wrote, “Spring is the time of plans and projects.” Hopefully, the snows of winter are finally behind us, and it’s time to look forward, build, and create! We at Mintz Levin continue...more
Facebook has recently chosen to no longer fund opposition to the California Consumer Privacy Act, which could appear on the California State Ballot as an initiated state statute on November 6, 2018. According to the petition...more
“Privacy by design” – while not a new concept – is certainly enjoying a new spot in the sunshine thanks to the European Union’s General Data Protection Regulation (“GDPR”) (50 days and counting…) and its codification of...more
4/5/2018
/ Cybersecurity ,
Data Breach ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Risk Management
The Securities and Exchange Commission (“SEC”) released expansive interpretive guidance (“2018 Guidance”), posted February 21, 2018, further building upon its far-reaching cybersecurity guidance provided in 2011. Below are...more
3/2/2018
/ Cybersecurity ,
Data Protection ,
Disclosure Requirements ,
Financial Statements ,
Guidance Update ,
Insider Trading ,
Interpretive Opinions ,
Materiality ,
Policies and Procedures ,
Publicly-Traded Companies ,
Regulatory Oversight ,
Risk Management ,
Securities and Exchange Commission (SEC)
We’ve discussed privacy compliance with regulations, legal requirements, etc. in the space since this blog’s inception. “Privacy by design” – while not a new concept – is certainly enjoying a new spot in the sunshine thanks...more
2/21/2018
/ Chief Information Security Officer (CISO) ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Privacy Policy