With health-related data and how to protect it at the forefront of discussion since the start of the COVID-19 pandemic, this week California Governor Gavin Newsom signed into law two bills related to genetic data. First, AB...more
The Federal Trade Commission (“FTC”) recently issued an important policy statement to health apps and other connected devices that collect or use consumers’ health information. The FTC’s policy statement effectively...more
On September 17, 2021, a three-judge panel of the Illinois Appellate Court for the First Judicial District issued a long-awaited decision regarding the statute of limitations for claims under the state’s Biometric Information...more
Yesterday, Baltimore’s local ordinance prohibiting persons from “obtaining, retaining, accessing, or using certain face surveillance technology or any information obtained from certain face surveillance technology,” became...more
Watch out! A spike in ransomware attacks may be headed our way over Labor Day weekend. Yesterday, the FBI jointly with the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to be on high alert for...more
9/3/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
FBI ,
Holidays ,
Multi-Factor Authentication ,
Passwords ,
Popular ,
Ransomware ,
Remote Desktop Protocols
Facial recognition technology has become increasingly popular in recent years in the employment and consumer space (e.g. employee access, passport check-in systems, payments on smartphones), and in particular during the...more
Effective October 1, 2021, Connecticut becomes the third state with a data breach litigation “safe harbor” law (Public Act No. 21-119), joining Utah and Ohio. In short, the Connecticut law prohibits courts in the state from...more
Last week, the U.S. Supreme Court held that a Pennsylvania school district went too far when it suspended a student from participation in the school’s cheerleading squad based on “vulgar” comments made about the coach on the...more
The Baltimore City Council recently passed an ordinance, in a vote of 13-2, barring the use of facial recognition technology by city residents, businesses, and most of the city government (excluding the city police...more
The Texas Legislature, which meets every other year, pushed a change to its data breach notification law at the end of the session in late May, and yesterday Governor Greg Abbott signed the bill into law...more
6/15/2021
/ Corporate Counsel ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Governor Abbott ,
Notification Requirements ,
State Attorneys General ,
State Data Breach Notification Statutes
State legislatures across the nation are prioritizing privacy and security matters, and Connecticut is no exception. This week, Connecticut Attorney General William Tong announced the passage of An Act Concerning Data Privacy...more
In late May, New York Attorney General Letitia James announced a $200,000 settlement agreement with Filters Fast, an online water filtration retailer, stemming from a 2019 data breach compromising the personal information of...more
6/8/2021
/ Breach Notification Rule ,
Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Data Breach ,
New York ,
Personal Information ,
Policies and Procedures ,
Settlement Agreements ,
SHIELD Act ,
State Attorneys General ,
Websites
In a landmark decision, the U.S. Supreme Court has ruled that the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030 et seq., does not prohibit improper use of computer information to which an individual has authorized...more
On May 13th, New York State Senator Kevin Thomas, Chair of NY’s Consumer Protection Committee, reintroduced the New York Privacy Act (“NYPA”), a comprehensive consumer privacy law similar in kind to the California Consumer...more
5/26/2021
/ Anti-Discrimination Policies ,
California Consumer Privacy Act (CCPA) ,
CDPA ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Controller ,
DPPA ,
Duty of Care ,
FERPA ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
New York ,
Opt-In ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
Proposed Legislation ,
Right to Delete ,
Written Notice
In our latest issue of the Class Action Trends Report, Jackson Lewis attorneys discuss how employers can undertake Diversity, Equity and Inclusion (DEI) initiatives without risking class action discrimination suits; wage and...more
5/13/2021
/ Business Expenses ,
Class Action ,
Compensation ,
Coronavirus/COVID-19 ,
Corporate Counsel ,
Department of Labor (DOL) ,
Diversity ,
Diversity and Inclusion Standards (D&I) ,
Equal Employment Opportunity Commission (EEOC) ,
Fair Labor Standards Act (FLSA) ,
Gender Discrimination ,
Non-Exempt Employees ,
Pay Equity Laws ,
Race Discrimination ,
Reimbursements ,
Remote Working ,
Rest and Meal Break ,
Return-to-Work Agreements ,
Statute of Limitations ,
Telecommuting ,
Vaccinations ,
Wage and Hour
As access to COVID-19 vaccines becomes more prevalent, and we begin to conceptualize what a post-pandemic world might look like, many governments are assessing the idea of a COVID-19 vaccine passport framework. In late...more
5/11/2021
/ Americans with Disabilities Act (ADA) ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Data Storage ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
GINA ,
Personal Data ,
Vaccinations ,
Vaccine Passports
Will Florida be the next state to enact a comprehensive consumer privacy law? It sure is starting to look like a viable possibility. With the California Consumer Privacy Act (“CCPA”) in full effect, and the recent enactment...more
Increased remote work due to the COVID-19 pandemic has only exacerbated privacy and cybersecurity concerns, and likely has not changed the finding in Experian’s 2015 Second Annual Data Breach Industry Forecast:.....more
The Biden administration has called for all people at least 18 to be eligible for the COVID-19 vaccine by April 19, 2021. Most states have already done so.
A BenefitsPro article cites a 2017 survey from the Society for...more
4/14/2021
/ Biden Administration ,
Centers for Disease Control and Prevention (CDC) ,
Coronavirus/COVID-19 ,
Data Privacy ,
Emergency Use Authorization (EUA) ,
Employer Liability Issues ,
Food and Drug Administration (FDA) ,
Incentives ,
Labor Relations ,
Liability ,
Local Health Departments (LHDs) ,
National Institute of Health (NIH) ,
Public Readiness and Emergency Preparedness Act (PREP Act) ,
Reporting Requirements ,
Vaccinations
In mid-March, Utah Governor Spencer Cox signed into law the Cybersecurity Affirmative Defense Act (HB80) (“the Act”), an amendment to Utah’s data breach notification law, creating several affirmative defenses for persons...more
4/7/2021
/ Affirmative Defenses ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
New Legislation ,
NIST ,
Personally Identifiable Information ,
Popular ,
State and Local Government ,
State Data Breach Notification Statutes
In a decision certain to have significant impact on Telephone Consumer Protection Act (TCPA) class action litigation, today the U.S. Supreme Court concluded narrowly that to qualify as an “automatic telephone dialing system”,...more
The Illinois Supreme Court recently agreed to hear an appeal of an Appellate Court’s decision addressing whether an employee’s claim for damages under Illinois’s Biometric Information Protection Act is preempted by the...more
3/26/2021
/ Adverse Events ,
Attorney's Fees ,
Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Data Collection ,
Fingerprints ,
IL Supreme Court ,
Liquidated Damages ,
Pre-emptive Rights ,
Timekeeping ,
Workers Compensation Act ,
Workers' Compensation Claim ,
Workplace Injury
The 11th Circuit recently weighed in on the hottest issue is data breach litigation, whether a demonstration of actual harm is required to have standing to sue. Joining several other circuit courts, the 11th Circuit in Tsao...more
3/24/2021
/ Class Action ,
Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Future Harm ,
GAO ,
Hackers ,
Identity Theft ,
Injury-in-Fact ,
Personally Identifiable Information ,
Unauthorized Transactions
Here we go again! On March 15th, 2021, the California Department of Justice (“Department”) announced approval of modifications to the California Consumer Privacy Act’s (CCPA) regulations, originally introduced in December of...more
On Tuesday, March 2nd, Virginia Governor Ralph Northam signed into law the Consumer Data Protection Act (CDPA), officially joining California as the second state with a comprehensive consumer privacy law, intended to enhance...more