Five new state omnibus privacy laws take effect in 2023, with two that already kicked in on January 1.
The California Privacy Rights Act (CPRA) – effective January 1, 2023, enforceable July 1, 2023....more
The Latest Trends and Developments in the Class Actions World -
Labor & Employment-
Labor and Employment class actions involving contractors are on the rise in California, especially in its $50-plus billion per annum...more
California Privacy Protection Agency Releases Revised Regulations -
With the effective date less than three months away, and ahead of a Board Meeting on October 28 and 29, the California Privacy Protection Agency released...more
10/24/2022
/ Biometric Information Privacy Act ,
California ,
California Privacy Rights Act (CPRA) ,
Colorado ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Privacy ,
Data Protection ,
EU ,
European Commission ,
Executive Orders ,
General Data Protection Regulation (GDPR) ,
Interactive Advertising Bureau ,
Internet of Things ,
Joe Biden ,
National Security ,
NIST ,
Online Safety for Children ,
PIPEDA ,
Popular ,
Privacy Framework ,
Privacy Laws ,
Ransomware ,
Schrems I & Schrems II ,
Sensitive Personal Information
CPPA Amends Draft CPRA Regulations & Announces Public Comment Dates -
The California Privacy Protection Agency (CPPA) has announced amendments to the California Privacy Rights Act proposed regulations, which primarily...more
7/13/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Cookies ,
Data Breach ,
Data Brokers ,
Data Protection ,
Department of Justice (DOJ) ,
Enforcement ,
Federal Trade Commission (FTC) ,
FTC Act ,
General Data Protection Regulation (GDPR) ,
Metaverse ,
New Regulations ,
Privacy Laws ,
Rulemaking Process
As more states enact their own privacy laws, members of the privacy community and those impacted by privacy legislation continue to push for uniformity. The American Data Privacy and Protection Act (ADPPA) addresses this...more
7/6/2022
/ Biometric Information Privacy Act ,
Breach Notification Rule ,
California Consumer Privacy Act (CCPA) ,
Chief Privacy Officer ,
Communications Act of 1934 ,
Consumer Privacy Rights ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Data Privacy ,
Federal Trade Commission (FTC) ,
Online Safety for Children
Connecticut Passes the Fifth US State Consumer Privacy Law -
The Connecticut governor has formally signed and passed An Act Concerning Personal Data Privacy and Online Monitoring (CPDA), making this law the fifth US state...more
5/19/2022
/ Americans with Disabilities Act (ADA) ,
Artificial Intelligence ,
Blockchain ,
Brazil ,
CDPA ,
CNIL ,
Computer Fraud and Abuse Act (CFAA) ,
Cookies ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Processing Rules ,
Data Protection ,
Denmark ,
Department of Justice (DOJ) ,
European Parliament ,
France ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
NIST ,
PHMSA ,
Proposed Amendments ,
Risk Mitigation ,
SCOTUS ,
Supply Chain ,
Virginia
US News -
Utah Will Soon Publish US’s Latest Comprehensive State Privacy Law -
The Utah Consumer Privacy Act, also known as Senate Bill 227, recently cleared the Senate and the House. Though there are a few more steps...more
3/11/2022
/ Biometric Information Privacy Act ,
California Privacy Rights Act (CPRA) ,
Class Action ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Dismissals ,
Enforcement ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
India ,
New Legislation ,
Oman ,
Popular ,
Privacy Laws ,
Proposed Regulation ,
Settlement ,
State and Local Government ,
State Privacy Laws ,
Wiretapping ,
Workers Compensation Act
United Kingdom New Standard Contractual Clauses Submitted to Parliament -
The United Kingdom has finalized its new International Data Transfer Agreement and Addendum to the new EU standard contractual clauses. Subject to...more
2/17/2022
/ Brazil ,
California Consumer Privacy Act (CCPA) ,
Cookies ,
COPPA ,
Customer-Loyalty Programs ,
Cybersecurity ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
NIST ,
Personal Data ,
Popular ,
Right of Access ,
Standard Contractual Clauses ,
UK
FTC Warns Companies to Remediate Log4j Security Vulnerability -
Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a...more
1/19/2022
/ Apple ,
Audits ,
CNIL ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Department of Defense (DOD) ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
GAO ,
General Data Protection Regulation (GDPR) ,
Opt-Outs
Second Circuit Denies Settlement of Data Breach Case Due to Lack of Standing -
As we previously reported, in April 2021, the Second Circuit became the latest federal circuit to hold that an individual may establish Article...more
9/23/2021
/ Arbitration ,
Article III ,
Biometric Information ,
Biometric Information Privacy Act ,
California ,
Class Action ,
Data Breach ,
Data Privacy ,
Data Protection ,
Declaratory Judgments ,
Health Care Providers ,
IL Supreme Court ,
Negligence ,
Pipelines ,
Putative Class Actions ,
Ransomware ,
Settlement ,
Standing ,
Unfair Competition ,
Unfair Competition Law (UCL) ,
Virtual Private Networks
The Department of Labor (DOL) recently issued new guidance on best practices for maintaining cybersecurity in connection with ERISA plans (the Guidance).
The Guidance, which is intended for sponsors, fiduciaries, record...more
8/9/2021
/ Benefit Plan Sponsors ,
Best Practices ,
Cybersecurity ,
Data Protection ,
Department of Labor (DOL) ,
Employee Retirement Income Security Act (ERISA) ,
Fiduciary Duty ,
New Guidance ,
Plan Administrators ,
Plan Participants ,
Popular ,
Retirement Plan ,
Third-Party Service Provider
Crippling data breaches and sophisticated ransomware attacks are increasingly common threats to modern businesses. Ransomware attacks can not only target confidential company data and data collected from customers but...more
6/14/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Malware ,
Ransomware
The legislation updates the Children’s Online Privacy Protection Act (COPPA) by prohibiting internet companies from collecting personal information from anyone 13- to 15-years old without the user’s consent
Senators...more
6/9/2021
/ Biometric Information ,
Broker-Dealer ,
Cookie Banners ,
COPPA ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Collection ,
Data Protection ,
EU ,
European Commission ,
Executive Orders ,
Facial Recognition Technology ,
FBI ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Latin America ,
NGOs ,
Online Safety for Children ,
Personal Information ,
Popular ,
Proposed Legislation ,
Schrems I & Schrems II ,
Securities and Exchange Commission (SEC) ,
Standard Contractual Clauses ,
Suspicious Activity Reports (SARs)
The Federal Trade Commission (FTC) continues to put emphasis on the importance of corporate board involvement in privacy and data security.
Corporate Boards: Don’t Underestimate Your Role in Data Security Oversight -
The...more
5/20/2021
/ Apple ,
Article III ,
Artificial Intelligence ,
Board of Directors ,
Data Privacy ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Electronic Protected Health Information (ePHI) ,
EU ,
European Commission ,
Federal Trade Commission (FTC) ,
Google ,
Identity Theft ,
Latin America ,
Mobile Apps ,
New Rules ,
ONC ,
Personal Data ,
Popular ,
SCOTUS ,
Standing
2021 is off to a strong start in privacy legislation with Virginia passing the second state comprehensive consumer privacy law in the US.
Who Is Covered? -
The Virginia Consumer Data Protection Act (CDPA) applies to...more
3/8/2021
/ Consent Agreements ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Gramm-Leach-Blilely Act ,
Personal Data ,
Privacy Laws ,
Targeted Digital Advertising ,
Virginia
Tides of change in the digital advertising and regulatory landscape over the last few years have recently ushered in an increasingly likely future without third-party cookies.
Background – An Abbreviated History of Recent...more
According to the Council of the European Union, there are plans to move forward with replacing the Cookie Directive with the ePrivacy Regulation.
Background on the ePrivacy Directive -
While the General Data...more
The Federal Trade Commission (FTC) recently announced a settlement with Zoom Video Communications, Inc. (Zoom) after allegations that Zoom misled users through deceptive and unfair practices that made users believe their...more
The Commission nationale de l'informatique et des libertés (CNIL) is the national data protection authority in France.
Recently, it announced new guidance on cookies and online trackers (Guidelines). Operators of...more
The United Kingdom’s Information Commissioner’s Office (ICO) recently released a Code of Practice for Age Appropriate Design on Online Services (Code).
The ICO notes that its Code reflects the “global direction” of reforms...more
The Attorney General Regulations (Regulations) to the California Consumer Privacy Act (CCPA) are enforceable as of August 14, 2020.
Attorney General Xavier Becerra announced that the Office of Administrative Law (OAL)...more
The California Consumer Privacy Act (CCPA) went into effect January 1, 2020 and created several rights for California residents, including the game-changing right to opt-out of the sale of personal...more
As security risks continue to be at the forefront of legislators’ agendas across the country, New York has joined the growing roster of states pressing businesses to develop more robust breach procedures. Originally proposed...more
10/16/2019
/ Biometric Information ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
New Legislation ,
Personal Data ,
Personal Information ,
Security and Privacy Controls ,
SHIELD Act ,
State Data Breach Notification Statutes