The UK and U.S. Governments have now formalized the UK-U.S. Data Bridge. The U.S. Attorney General designated the UK as a “qualifying state” for the purposes of the Executive Order 14086 on September 18, 2023, and the UK...more
U.S. companies can now self-certify to permit personal data to freely flow from the Europe to the United States.
U.S. organizations can now self-certify their compliance with the EU-U.S. Data Privacy Framework (DPF) to...more
7/27/2023
/ BCRs ,
Data Integrity ,
Data Privacy ,
Data Security ,
Department of Transportation (DOT) ,
Enforcement ,
EU-US Privacy Shield ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Self-Certification ,
Standard Contractual Clauses ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
American Data Privacy and Protection Act would require organizations to limit collection of personal information, grant consumers access to their own data, enhance data protections for children, mandate implementation of...more
7/11/2022
/ California Consumer Privacy Act (CCPA) ,
Corporate Counsel ,
Data Privacy ,
Data Protection ,
Enforcement ,
Federal Data Privacy ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Personal Information ,
Privacy Policy ,
Private Right of Action ,
Proposed Legislation ,
Small Business ,
Third-Party Service Provider
As California reopens from the COVID-19 pandemic and workers begin returning to work in-person, many employers have begun requesting their employees provide, sometimes on an ongoing basis, certain health information before...more
On April 1, 2021, the U.S. Supreme Court resolved a long standing issue plaguing providers of text message services and the companies engaging in text message marketing. Lower courts have been split in defining what...more
Virginia is the first in 2021 to codify a new data privacy law.
The newly signed Virginia Consumer Data Protection Act (CDPA) has parallels to the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy...more
3/4/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Corporate Counsel ,
Cybersecurity ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular ,
Privacy Legislation ,
Private Right of Action ,
State Privacy Laws ,
Virginia
As COVID-19 fuels technological adoption and adaptation in all walks of life, the CCPA and New York SHIELD Act are front and center in the minds of both government enforcers and the private plaintiffs’ bar.
The increased...more
With the shelter-in-place orders imposed by the local and state governments, businesses are scrambling to transition to a virtual workforce and facilitating employees to work remotely from home. Educational institutions are...more
Information collected in employment or business-to-business contexts is exempt for one year.
For the first year it is in effect, the CCPA will not apply to personal information collected about employees or in B2B...more
10/15/2019
/ Amended Legislation ,
B2B Organizations ,
B2B Transactions ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Duty to Delete ,
Employee Rights ,
Exemptions ,
Fair Credit Reporting Act (FCRA) ,
Governor Newsom ,
Motor Vehicles ,
Personal Information
New cybersecurity and data privacy laws will impose substantial new obligations on businesses that collect information about residents of those states.
Regardless of their location or size, nonprofit organizations that...more
Efforts to regulate cross-device tracking have increased since we last addressed the topic in 2017, following the release of the FTC’s Staff Report. ...more
To comply with CCPA, all businesses must update their privacy policies accordingly.
New California rights and how to exercise them must be disclosed....more
7/8/2019
/ California Consumer Privacy Act (CCPA) ,
California Financial Information Privacy Act (CFIPA) ,
Consumer Privacy Rights ,
COPPA ,
Data Collection ,
Data Privacy ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy
Similarities aside, there are significant differences between the two privacy laws.
The CCPA grants rights to individuals who are residents of California under a definition used for income tax purposes....more
Starting in 2020, “inventory management” takes on new meaning in California.
Going into effect Jan. 1, 2020, the CCPA grants five new rights to consumers respecting personal information....more
5/2/2019
/ Best Practices ,
California Consumer Privacy Act (CCPA) ,
California Financial Information Privacy Act (CFIPA) ,
CMIA ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Collection ,
Data Management ,
Disclosure Requirements ,
Exemptions ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Privacy Policy
Covered businesses will need to update policies and procedures for responding to customer inquiries about collection, use, sale and disclosure of customers’ personal information or face stiff enforcement actions.
The...more
7/5/2018
/ Cybersecurity ,
Data Collection ,
Data Rights ,
Disclosure Requirements ,
GLBA Privacy ,
Governor Brown ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personally Identifiable Information ,
Portability ,
State and Local Government ,
State Data Breach Notification Statutes
Be careful what you’ve promised your customers…or what has been promised about data you buy!
In today’s world, consumer data is a huge asset for companies across all industries, in particular those in...more
In today’s world, consumer data is a huge asset for companies across all industries, in particular those in technology-focused spaces like social media, apps, wearables, and retailers involved in e-commerce. The value of such...more
8/13/2015
/ Chapter 11 ,
Commercial Bankruptcy ,
Confidential Information ,
Data Privacy ,
Data Protection ,
E-Commerce ,
Electronic Data Transmissions ,
Federal Trade Commission (FTC) ,
Personally Identifiable Information ,
Radio Shack ,
Sale of Assets ,
Third-Party Risk
A mobile app that collects users’ location data while the mobile app is not in use should clearly disclose such practices and provide users with choices. Failure to do so could give rise to an FTC claim of deceptive...more
Innovation is prized in the growing space of the Internet of Things (IoT). But an innovative product design is not enough, and potential pitfalls abound. As demonstrated in a report published by the Federal Trade Commission...more
The Telephone Consumer Protection Act permits companies to make telephone solicitations using autodialers and pre-recorded messages once they have a consumer’s consent to do so. Many authorities have suggested that such...more
The Telephone Consumer Protection Act permits companies to make telephone solicitations using autodialers and pre-recorded messages once they have a consumer’s consent to do so. Many authorities have suggested that such...more
Businesses that use “commercial electronic messages” to market to customers and prospective customers in Canada should be aware of Canada’s new anti-spam rules, which require, among other things, the sender to obtain consent...more
Over the past few years, the Federal Trade Commission (“FTC”) has provided guidance regarding mobile platforms and app providers’ practices of collecting data about consumers’ locations through their mobile devices, with a...more
On Friday, September 27, 2013, California Governor Edmund G. Brown signed Assembly Bill 370, a bill that amends the Business & Professions Code § 22575 to require an operator of a commercial Internet website or online service...more