On January 22, 2021, Bleeping Computer reported about yet another data dump by the hacker group Shiny Hunters, this time for a clothing retailer. Shiny Hunters is known for exfiltrating large databases of customer...more
2/2/2021
/ Customer Information ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Databases ,
EU ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Passwords ,
Personally Identifiable Information ,
Popular
Has it been a year already? Many businesses diligently made sure they did their best to hit the moving CCPA target as they welcomed 2020 and the effective date of the statute last year. A year ago, all we had were draft...more
1/14/2021
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Online Platforms ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Legislation ,
Proposed Regulation ,
Regulatory Agenda ,
State and Local Government
California voters signaled that privacy is a top priority by overwhelmingly approving Proposition 24 on Nov. 3, 2020—the California Privacy Rights Act (CPRA). The CPRA amends and significantly strengthens the recently enacted...more
12/17/2020
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
General Data Protection Regulation (GDPR) ,
Personally Identifiable Information ,
Small Business ,
State and Local Government ,
Third-Party Service Provider
While the nation waits for the results of the presidential race to be tallied, across the country local and statewide referendums on privacy issues have been decided. In Portland, Maine voters approved a ballot measure to ban...more
This is the first alert in a series of Bradley installments on privacy issues that may arise during the current COVID-19 pandemic. This first installment focuses on disclosure of personally identifiable health information...more
We are a little more than two weeks into the new year and we’ve already seen several states introduce comprehensive privacy legislation on the heels of California’s Consumer Privacy Act (CCPA). It is no easy task to stay on...more
1/21/2020
/ Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Legislative Agendas ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Private Right of Action ,
Proposed Legislation
Have you recently received an update from Google or another adtech provider on their CCPA position? Some industry players are rolling out their approaches, and any business that uses website widgets needs to take note...more
11/26/2019
/ Advertising ,
Behavioral Advertising ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Use Policies ,
Google ,
Interactive Advertising Bureau ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Website Owner Liability
The dust has finally settled in the California State Legislature and the big winner for amendments to the CCPA is AB-25, which started out as carving out employees from the definition of consumer for the purpose of CCPA. The...more
9/18/2019
/ Amended Legislation ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Security ,
Disclosure Requirements ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Statutory Requirements
On January 1st, South Carolina became the first state to adopt the model insurance data security law requiring certain insurance licensees to investigate and report cybersecurity events in the state of South Carolina. The law...more
1/7/2019
/ Covered Entities ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Security ,
Employer Liability Issues ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Independent Contractors ,
New Legislation ,
Notification Requirements ,
Personally Identifiable Information ,
Popular ,
Reporting Requirements ,
Third-Party Service Provider
As discussed in Part 1, the California Consumer Privacy Act of 2018 (CalCoPA) is a game-changing privacy act that sets a new bar for consumer privacy rights in the U.S. The primary reason it differs from existing legislation...more
9/6/2018
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Disclosure Requirements ,
Personally Identifiable Information ,
Preemption ,
Privacy Laws
As most people started to wind down for the July 4th holiday week, California was just ramping up its “as California goes” focus on data privacy. On June 28, 2018, California passed a comprehensive data privacy bill that has...more
7/5/2018
/ Cybersecurity ,
Data Collection ,
Data Rights ,
Disclosure Requirements ,
GLBA Privacy ,
Governor Brown ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personally Identifiable Information ,
Policies and Procedures ,
Portability ,
State and Local Government ,
State Data Breach Notification Statutes
On March 1, 2018, the Alabama Senate unanimously passed the Alabama Data Breach Notification Act of 2018 (SB 318). On March 22, 2018, the House of Representatives, following an amendment by the Technology and Research...more
On October 18, 2017, the Consumer Financial Protection Bureau (CFPB) outlined nine non-binding Consumer Protection Principles (the Principles) for the access and sharing of consumer information between third-party companies....more
11/29/2017
/ Banking Sector ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Watchdog ,
Cybersecurity ,
Data Controller ,
Data Security ,
Dodd-Frank ,
EU ,
Financial Institutions ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Online Payments ,
Personally Identifiable Information ,
Popular ,
Transparency ,
UDAAP
Following the recent Equifax data breach wherein millions of consumers’ private information may have been compromised, it is increasingly clear that consumer-interfacing businesses need to, and in some cases are required to,...more
10/20/2017
/ Automotive Industry ,
Car Dealerships ,
Data Breach ,
Data Collection ,
Data Privacy ,
Equifax ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
GLBA Privacy ,
Information Sharing ,
Lenders ,
Material Nonpublic Information ,
Personally Identifiable Information ,
Privacy Notice Rule ,
Privacy Rule ,
Social Security Numbers ,
Third Party Lenders