Privacy law 101 includes a simple but important basic concept that organizations may only use personal information they collect for what they say they will, and how they say they will. According to the Federal Trade...more
If your business is subject to the California Consumer Privacy Act (CCPA), and your business handles (in any manner set forth in the CCPA) the personal information of 10,000,000 or more California residents in a calendar...more
Earlier this week, the California Department of Justice unexpectedly released a third set of proposed modifications to the CCPA regulations. This move took place only two months after the California Attorney General’s Office...more
10/14/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Information Governance ,
Office of Administrative Law ,
Opt-Outs ,
Personal Information ,
Privacy Policy ,
State Attorneys General
The California Consumer Privacy Act becomes effective on January 1, 2020 with an amendment that impacts California employers. Covered businesses should, of course, already be in the process of preparing CCPA privacy notices...more
10/30/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Employee Privacy Rights ,
Employer Liability Issues ,
Governor Newsom ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Policy ,
Right to Delete
The California Attorney General’s office (CA AG) has published the long-awaited implementing regulations to the California Consumer Privacy Act (CCPA). In addition to the regulations, the CA AG also released a Notice of...more
Recently, Amazon refused (registration required) to provide data from an Amazon Echo device in a case involving the a double homicide in response to an order issued by a New Hampshire state judge. Prosecutors believe that the...more
We’ve discussed privacy compliance with regulations, legal requirements, etc. in the space since this blog’s inception. “Privacy by design” – while not a new concept – is certainly enjoying a new spot in the sunshine thanks...more
2/21/2018
/ Chief Information Security Officer (CISO) ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Privacy Policy
If you are one of the many businesses licensed by the New York Department of Financial Services (DFS), and cannot avail yourself of the (very) limited exemptions, you must be ready for the first compliance transition date for...more
Oregon’s legislature recently expanded the scope of statutory consumer protections by passing a bill to amend the state’s Unlawful Trade Practices Act (the “Act”). Recently, Oregon’s Governor Kate Brown signed H.B. 2090 into...more
“Don’t make promises that you don’t intend to keep” is an admonishment received by every child and delivered by every parent. This pithy maxim is equally applicable to consent orders entered into with regulatory authorities....more
3/22/2017
/ Breach of Contract ,
Civil Monetary Penalty ,
Consent Order ,
Cookies ,
Data Collection ,
Disclosure Requirements ,
Failure to Comply ,
Failure To Disclose ,
Federal Trade Commission (FTC) ,
Privacy Policy ,
Rewards Programs ,
Settlement
Last week, Snap Inc. (“Snap” or the “Company”) – the parent company of the wildly popular app Snapchat (“Snapchat” or the “App”) – became a publicly traded company on the New York Stock Exchange in the biggest tech IPO since...more
Google’s recent changes to its privacy policy are coming under fire from a complaint filed late last year with the Federal Trade Commission (“FTC”) that accuses the company of downplaying “transformational change” in its...more
Developers and operators of educational technology services should take note. Just before the election, California Attorney General Kamala Harris provided a document laying out guidance for those providing education...more
It’s time for a compliance check on those website or mobile app privacy policies, before the California Attorney General comes knocking.
Attorney General Kamala D. Harris has announced the release of a new tool for...more
Last week, the Federal Trade Commission (FTC) announced (press release) that Practice Fusion, the largest cloud-based electronic health company in the United States, has agreed to settle FTC charges over deceptive practices...more
In a decision favorable to the airline industry—but not helpful to other companies—the California Court of Appeal said that a privacy enforcement action against Delta is not going to fly. On May 25, 2016, the Court of Appeal...more
6/2/2016
/ Airlines ,
Appeals ,
Attorney General ,
CalOPPA ,
Delta Airlines ,
Dismissal With Prejudice ,
Enforcement Actions ,
Kamala Harris ,
Mobile Apps ,
Penalties ,
Privacy Policy
This has been a big week for cybersecurity announcements from Washington. In what the White House has called a series of “SOTU Spoilers,” President Obama announced his intention to follow through on some of the...more
Welcome to the first Privacy Tuesday of 2015!
We hope that you enjoyed our 12 Days of Privacy series (and if you missed it, they are all linked in the right column of the blog…).
Three things that you should...more
1/6/2015
/ Board of Directors ,
C-Suite Executives ,
Chick-Fil-A ,
Cybersecurity ,
Data Breach ,
Experian ,
Federal Trade Commission (FTC) ,
Hackers ,
PHI ,
Privacy Laws ,
Privacy Policy ,
Snapchat
There are quite a few privacy-related things taking effect July 1. Some reminders:
Florida Amendments to Data Breach Notification Law -
The Florida Information Protection Act of 2014 (“FIPA”) takes effect...more
Welcome to another week, and our Privacy Tuesday look at top issues.
California Attorney General Puts the Focus on the Consumer -
As we have discussed, the California Online Privacy Protection Act was amended,...more
In 2013, the California Online Privacy Protection Act (CalOPPA) was amended to require web sites and other online services to make additional privacy policy disclosures related to online tracking transparency. Within the...more
These are busy times in the data privacy/security world.
If Misery Loves Company, Target Has Friends -
Target was not the only target of data thieves this holiday season. Reports over the weekend revealed that...more
Despite the government shutdown, the Supreme Court is in for the 2013-2014 session. There are a couple of privacy cases on the agenda.
U.S. v. Wurie and Riley v. California -
At issue: Separate appeals over...more
10/8/2013
/ Cell Phones ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Federal Trade Commission (FTC) ,
Initial Public Offering (IPO) ,
Privacy Policy ,
SCOTUS ,
Search & Seizure ,
Search Warrant ,
Twitter
Privacy gaffes and tidbits to start your week.
Keeping up with Kardashians is NOT a defense under HIPAA -
The LA Times recently reported the firing of six workers at Cedars-Sinai Medical Center in connection...more
UK Regulators Tell Google: Rewrite that Privacy Policy — Or Else
It’s been clear since last year that many European data protection regulators were very unhappy with Google’s “new” privacy policy. The UK Information...more