Every year, Mintz provides analysis of the regulatory developments that impact public companies as they prepare for their fiscal year-end filings with the Securities and Exchange Commission and their annual shareholder...more
The California Privacy Protection Agency (“CPPA”) published a revised set of Draft Cybersecurity Audit Regulations ahead of the CPPA Board’s December 8, 2023 meeting. When the CPPA Board met on December 8, several key...more
The Federal Trade Commission (“FTC”) announced on Monday that it is settling a case against Drizly and its CEO stemming from a 2020 data breach that impacted roughly 2.5 million consumers. The proposed order not only...more
10/31/2022
/ Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Hackers ,
Identity Theft ,
Personal Data ,
Popular ,
Securities and Exchange Commission (SEC) ,
Settlement
Colorado has now joined California and Virginia to become the third US state to pass a comprehensive data privacy legislation when Governor Jared Polis signed the Colorado Privacy Act (the “CPA”) into law on July 8, 2021. The...more
The Mintz Privacy & Cybersecurity Blog will be providing regular updates of notable pending US state privacy laws. Following our similar previous updates, the most recent of which may be found here, this update checks in on...more
In a previous update, we provided a comprehensive round-up of several notable pending US state privacy laws. We are checking-in on the progression of some of those laws in this further update. The next installment will...more
While we continue to await comprehensive US federal privacy legislation, and following California’s lead with its California Consumer Privacy Act of 2018 (CCPA), individual states are stepping up to the plate. Based on what...more
An oft-used business management concept is to “hire people smarter than you.” The concept also applies to hiring vendors – hire vendors that are better than you (especially when it comes to information security). ...more
The Home Depot, Inc. (“Home Depot”) recently entered into a multi-state Assurance of Voluntary Compliance with Attorneys General of 46 states and the District of Columbia (the “Settlement”) stemming from a massive 2014 data...more
12/3/2020
/ Chief Information Security Officer (CISO) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Home Depot ,
Personal Information ,
Popular ,
Settlement ,
State Attorneys General
Amidst multiple investigations into the privacy and security practices at Zoom Video Communications (“Zoom”), New York Attorney General Letitia James recently announced a settlement agreement with Zoom after the failings of...more
5/13/2020
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Department of Education ,
Facebook ,
Popular ,
Settlement Agreements ,
State Attorneys General ,
Videoconference ,
Virtual Meetings ,
Zoom®
Last month, we reported that the United States Senate, Committee on Commerce, Science, and Transportation, conducted a hearing on “Enlisting Big Data in the Fight Against Coronavirus.” Specifically, the Committee focused on...more
The New York Department of Financial Services (“NYDFS”) recently issued new guidance to regulated entities regarding cybersecurity awareness during the COVID-19 pandemic - citing a significant increase in cybercrime and...more
If your company is marketing any smart device, particularly if the device is involved with home security and collects personal information from users, it’s time to pay attention to the story of Tapplock.
Tapplock, Inc....more
With cases of the Novel Coronavirus (COVID-19) emerging in nearly every state, many businesses are taking swift action in an effort to curb its spread. Teleworking, “remote working,” or simply “working from home,” is a...more
3/17/2020
/ Bring Your Own Device (BYOD) ,
Business Continuity Plans ,
Centers for Disease Control and Prevention (CDC) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Protection ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Infectious Diseases ,
Phishing Scams ,
Popular ,
Public Health ,
Remote Working ,
Risk Management ,
Telecommuting
As of March 12, 2020, the proposed Washington Privacy Act has foundered on enforcement rocks. The Senate did not agree with the House’s amendment that would have included a broad private right of action. The Senate’s version...more
3/13/2020
/ Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Authority ,
Infectious Diseases ,
Opt-Outs ,
Personal Data ,
Privacy Laws ,
State and Local Government ,
State Data Breach Notification Statutes
The Washington Privacy Act has overwhelmingly passed the Washington state senate by a vote of 46-1...more
Back in October, we provided a summary of Article 2 of the California Attorney General’s Initial Proposed CCPA draft regulations, which specify certain notices that must be given to consumers at the time of collection of...more
Overview:
Article 2 (see pages 3 through 10) of the California Attorney General’s CCPA draft regulations specify certain notices that must be given to consumers at the time of collection of their personal information,...more
10/17/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Private Right of Action ,
Right to Delete ,
Right To Know
We know we told you yesterday about the Equifax settlement and how you could make a claim in connection with the breach. Well, consumers whose personal information was compromised in Equifax’s massive 2017 data breach are in...more
8/2/2019
/ Civil Penalty Fund ,
Consumer Financial Protection Bureau (CFPB) ,
Corporate Counsel ,
Credit Monitoring ,
Cybersecurity ,
Data Breach ,
Equifax ,
Federal Trade Commission (FTC) ,
Fund Distribution ,
Gramm-Leach-Blilely Act ,
Personally Identifiable Information ,
Settlement Agreements ,
Unfair or Deceptive Trade Practices
The Federal Trade Commission (“FTC”), the Consumer Financial Protection Bureau, and 50 U.S. states and territories, have reached a global settlement agreement with Equifax Inc. (“Equifax”), according to which, Equifax agreed...more
7/31/2019
/ Civil Penalty Fund ,
Consumer Financial Protection Bureau (CFPB) ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Equifax ,
Federal Trade Commission (FTC) ,
Gramm-Leach-Blilely Act ,
Personally Identifiable Information ,
Settlement Agreements ,
Unfair or Deceptive Trade Practices