In October 2023, California Governor Gavin Newsom signed Senate Bill (S.B.) 362 into law, amending California’s data broker registration law. By January 31, 2024, qualifying data brokers must register with the California...more
1/18/2024
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Collection ,
Data Privacy ,
Data Protection ,
New Legislation ,
Registration Requirement ,
Regulatory Requirements
2022 has seen a new wave of class action lawsuits targeting companies that use technology to track consumers’ interfaces on their websites. These lawsuits generally allege that the use of technologies such as session replay...more
4/3/2023
/ Bots ,
Data Collection ,
Data Privacy ,
Electronic Communications ,
Electronic Monitoring ,
Health Insurance Portability and Accountability Act (HIPAA) ,
PHI ,
Popular ,
Risk Mitigation ,
Third-Party Service Provider ,
Website Owner Liability ,
Websites ,
Wiretap Act ,
Wiretapping
The California Privacy Rights Act (“CPRA”) comes into force on January 1, 2023, and will amend and extend the privacy rights under the California Consumer Privacy Act (“CCPA”). Assuming no further applicable extensions or...more
8/31/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Corporate Counsel ,
Data Collection ,
Data Management ,
Data Protection ,
Employee Privacy Rights ,
Employees ,
Employer Liability Issues ,
Regulatory Requirements
Virginia recently adopted a GDPR-inspired comprehensive data protection law for Virginia residents.
What Are the Main Points Covered by Virginia’s Consumer Data Protection Act (CDPA)?
...more
8/9/2021
/ 21st Century Cures Act ,
Biometric Information ,
Biometric Information Privacy Act ,
CDPA ,
Consumer Privacy Rights ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Collection ,
Data Localization Law ,
Data Privacy ,
Data Protection ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
HIPAA Security Rule ,
Information Blocking Rules ,
New Legislation ,
Personal Data
On May 26, 2021, the Colorado State Senate unanimously passed the Colorado Privacy Act bill (CPA) through the state Senate. On June 7, 2021, the Colorado House passed the CPA (by a vote of 57-7). ...more
6/16/2021
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Personal Data ,
Proposed Legislation ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government
Like Virginia and Washington before it, on March 19, 2021, Colorado introduced a data privacy bill, the Colorado Privacy Act (CPA). As currently drafted, the CPA would be similar to other U.S. state privacy laws, including...more
4/7/2021
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Requirements ,
State and Local Government
On November 3, 2020, Californians voted to pass Proposition 24, which modifies and expands the California Consumer Privacy Act (“CCPA”), which came into force on January 1 of this year. The new California Privacy Rights Act...more
11/10/2020
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Sellers ,
Data-Sharing ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
State and Local Government
What Happened?
On October 1, 2020, the Hamburg Data Protection Commissioner (“Hamburg DPA”) fined clothing retailer H&M 37.8 million dollars (EURO 35.2 million) for several violations of the GDPR....more
10/14/2020
/ Data Breach ,
Data Collection ,
Data Management ,
Data Protection ,
Data Retention ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
H&M ,
Personal Data ,
Retailers
What Happened?
On October 1, 2020, the Hamburg Data Protection Commissioner (“Hamburg DPA”) fined clothing retailer H&M 37.8 million dollars (EURO 35.2 million) for several violations of the GDPR....more
10/13/2020
/ Corporate Counsel ,
Data Collection ,
Data Management ,
Data Protection ,
Data Retention ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
H&M ,
Personal Data ,
Retailers
As we continue our series on steps business owners should take to mitigate the risk of reopening, it is clear from the guidance that has been issued by several states that effective screening and contact tracing are issues...more
5/15/2020
/ California Consumer Privacy Act (CCPA) ,
Contact Tracing ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data-Sharing ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Privacy Concerns ,
Re-Opening Guidelines ,
Screening Procedures
On February 7, 2020, and again on February 10, 2020, California Attorney General Xavier Becerra released modified proposed regulations (“Modified Proposed Regulations”) to the California Consumer Privacy Act of 2018, Cal....more
2/19/2020
/ Anti-Discrimination Policies ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Digital Service Providers ,
Employee Privacy Rights ,
Information Governance ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Recordkeeping Requirements ,
Regulatory Agenda ,
Regulatory Requirements ,
Right to Delete ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General ,
Threshold Requirements
The California Consumer Privacy Act of 2018 (“CCPA”) established new privacy rights for California consumers but left many unanswered questions on how businesses should implement the new obligations imposed on them. ...more
10/16/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Contracts ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Digital Service Providers ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government
On May 29, 2019, Nevada Governor Steve Sisolak signed into law Senate Bill 220 (SB 220), which allows a Nevada consumer to “opt-out” of the sale of his or her personal information to a third party. ...more
6/6/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Protection Laws ,
Data Collection ,
Data-Sharing ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
State and Local Government ,
State Data Breach Notification Statutes ,
Third Party Purchaser (TPP)
On March 25, 2019, California Assembly Member Ed Chau introduced Assembly Bill 25 (AB 25) to amend the definition of “consumer” under the California Consumer Privacy Act of 2018 (CCPA) set to take effect on January 1, 2020....more
4/26/2019
/ California Consumer Privacy Act (CCPA) ,
Carve Out Provisions ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Employee Privacy Rights ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Legislation