The Administrative Office of the U.S. Courts (the “AO”) recently disclosed that it has initiated an investigation into an apparent compromise in security of the Judiciary’s Case Management/Electronic Case Files System...more
On January 6, 2021, a bipartisan group of New York state lawmakers released a copy of Assembly Bill 27 (AB 27), the New York Biometric Privacy Act. If New York passes AB 27, it will join Illinois, Texas, and Washington as...more
The California Attorney General’s Office recently released a fourth set of proposed regulatory modifications to the California Consumer Privacy Act (the “CCPA”)....more
On November 17, 2020, H.R. 1668, the “Internet of Things Cybersecurity Improvement Act of 2020”, was unanimously passed by the Senate. The bill is now on its way to President Trump for signature or veto....more
On November 4, 2020, California voters approved of the ballot initiative Proposition 24, more commonly known as the California Privacy Rights Act (the “CPRA”). The CPRA goes into effect on January 1, 2023, and will expand...more
Assaults on Section 230 of the Communications Decency Act (the “CDA”)—which shields online platforms from civil liability for third party content on their services—are abundant these days. On October 15, 2020, FCC Chairman...more
1. Overview of the regulatory issues facing companies—and cyber insurers—that may need to respond to ransomware emanating from a threat actor or group with potential ties to entities on federal lists.-
The U.S. Treasury...more
On August 19, 2020, the United States District Court for the Northern District of California granted preliminary approval of the class action settlement in In re Facebook Biometric Information Privacy Litigation,...more
8/21/2020
/ Attorney's Fees ,
Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Class Members ,
Corporate Counsel ,
Data Collection ,
Evidentiary Hearings ,
Facebook ,
Facial Recognition Technology ,
IL Supreme Court ,
Popular ,
Statutory Damages
On August 14, 2020, the California Office of Administrative Law (“OAL”) approved in part and withdrew in part the Regulations regarding the California Consumer Privacy Act (“CCPA”). While most of the changes are...more
On July 16, 2020, the European Court of Justice (Court) ruled in the “Schrems II” case that the one of the most commonly used cross border data transfer mechanisms between the European Union (EU) and the United States (US),...more
7/20/2020
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Ireland ,
Personal Data ,
Personally Identifiable Information ,
Schrems I & Schrems II ,
Standard Contractual Clauses
With the ongoing covid crisis leaving businesses of all sizes concerned about the short and medium term future, the intimidating task of considering a liquidation or restructuring is inevitably starting to become a reality. ...more
Businesses subject to the California Consumer Privacy Act (“CCPA”) that have begun exploring the possibility of collecting data from visitors to their facilities to track potential coronavirus exposure and to allow/deny entry...more
As people across the country and world try to figure out how to protect themselves against the spread of coronavirus, hackers are working hard to spread their own viruses....more
The widespread use of social media platforms make them ideal for companies trying to reach a large audience. Pharmaceutical and consumer products industries frequently maintain their own social media accounts and partner with...more
3/5/2020
/ Advertising ,
Brand ,
Celebrity Endorsements ,
Comment Period ,
Corporate Counsel ,
Disclosure Requirements ,
Endorsements ,
Federal Trade Commission (FTC) ,
FTC Act ,
FTC Endorsement Guidelines ,
Influencers ,
Marketing ,
Online Advertisements ,
Online Endorsements ,
Patients ,
Pharmaceutical Industry ,
Physicians ,
Regulatory Requirements ,
Social Media ,
Websites
On Friday, February 7, 2020, the California Attorney General’s (AG) Office released modified regulations to the California Consumer Privacy Act (CCPA). The modified regulations incorporate amendments to the CCPA signed into...more
2/11/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
Welcome to our latest edition of Retail Rap. From influencer marketing to launching a startup and ensuring digital advertising complies with the latest regulations, retail issues are making news—and presenting legal...more
11/21/2019
/ Advertising ,
Brand ,
California Consumer Privacy Act (CCPA) ,
Cookies ,
Cybersecurity ,
Data Protection ,
Distributors ,
E-Commerce ,
Emerging Growth Companies ,
Entrepreneurs ,
Fashion Industry ,
Influencers ,
Internet Retailers ,
Manufacturers ,
Online Advertisements ,
Online Platforms ,
Personal Data ,
Retail Market ,
Retailers ,
Startups ,
Targeted Digital Advertising ,
Venture Capital ,
Web Tracking
For businesses, one of the more worrisome scenarios under the CCPA occurs when they mistakenly provide personal information of a consumer to the wrong party in response to a consumer request, whether because of fraud or...more
10/22/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Request For Information ,
Rulemaking Process ,
State and Local Government ,
Two-Step Verification ,
Verification Requirements
To the surprise of some, the proposed CCPA Regulations issued last Thursday don’t address many of the well-discussed ambiguities under the law (such as what “valuable consideration” means in the context of a sale of personal...more
10/18/2019
/ Attestation Requirements ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government
The California Attorney General’s Office released its long-awaited proposed CCPA Regulations yesterday. The proposed Regulations are 24 pages long, and address a number of important technical compliance issues including...more
10/11/2019
/ Attorney General ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Information Sharing ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government
On September 13, 2019—the last day of the legislative session—California lawmakers approved five amendments intended to clarify the scope of the California Consumer Privacy Act (the “CCPA”), but rejected several...more
9/17/2019
/ Advertising ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Customer-Loyalty Programs ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Amendments ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government
Delaware (July 31, 2019) and New Hampshire (August 2, 2019) have become the latest states to add to the insurance cybersecurity landscape by enacting information security laws. These laws come on the heels of Connecticut’s...more
8/9/2019
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Incident Response Plans ,
Information Security ,
Information Technology ,
Insurance Industry ,
NAIC ,
New Legislation ,
Personally Identifiable Information ,
Popular ,
State and Local Government ,
State Data Breach Notification Statutes
On July 26, 2019, Connecticut Governor Ned Lamont signed into the law the state’s new Insurance Data Security Law, which imposes new information security, risk management, and reporting requirements for carriers, producers,...more
At what has been described as a marathon hearing that lasted late into the night of July 9, the California Senate Judiciary Committee advanced several amendments to the California Consumer Privacy Act (the “CCPA”), but major...more
7/11/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Amendments ,
Rulemaking Process
Utah Governor Gary Herbert is expected to sign a new privacy law in the coming weeks that will make his state the first to protect private electronic data stored with third-party providers from government access without a...more
3/28/2019
/ Cloud Computing ,
Data Management ,
Electronically Stored Information ,
Government Investigations ,
Legislative Agendas ,
Pending Legislation ,
Privacy Laws ,
Search Engines ,
Search Warrant ,
Social Media ,
State and Local Government ,
Wireless Technology
On March 20, 2019, the Supreme Court refused to address the adequacy of a $8.5 million Google privacy class action settlement and instead remanded to a lower court to determine whether the class action plaintiffs had standing...more
3/21/2019
/ Class Action ,
Cy Pres Funds ,
Frank v Gaos ,
FRCP 23(e) ,
Google ,
Remand ,
SCOTUS ,
Settlement ,
Spokeo v Robins ,
Standing ,
Stored Communications Act ,
Vacated