As the legislative session came to a close last week, the California Legislature passed five bills that amend the California Consumer Privacy Act ("CCPA"). Here are the five bills that are now headed to the governor for...more
9/24/2019
/ Amended Legislation ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Private Right of Action
The U.S. data privacy landscape continues to evolve. Last year, the California Consumer Privacy Act ("CCPA") passed following the EU General Data Protection Regulation ("GDPR"). Nine additional states have since introduced...more
UNITED STATES -
Regulatory—Policy, Best Practices, and Standards -
NIST Releases Internal Report Regarding IoT Cybersecurity -
In September, the National Institute of Standards and Technology ("NIST") released a draft...more
12/26/2018
/ Civil Monetary Penalty ,
CNIL ,
Consumer Reporting Agencies ,
COPPA ,
Critical Infrastructure Sectors ,
Cross-Border ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Protection ,
Department of Defense (DOD) ,
Disclosure Requirements ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hobbs Act ,
Internal Audit Functions ,
International Data Transfers ,
Internet of Things ,
NIST ,
Popular ,
Power Grid ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act
On the heels of the European Union's General Data Protection law, which went into effect in May 2018, California has enacted the California Consumer Privacy Act ("CCPA")—the result of an 11th-hour compromise between...more
10/24/2018
/ Argentina ,
Asia ,
Australia ,
Belgium ,
Brazil ,
California Consumer Privacy Act (CCPA) ,
Canada ,
Chile ,
China ,
Colombia ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
EU ,
Federal Trade Commission (FTC) ,
France ,
General Data Protection Regulation (GDPR) ,
Germany ,
Hong Kong ,
IRS ,
Italy ,
Japan ,
Mexico ,
Netherlands ,
NIST ,
Paraguay ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Singapore ,
Spain ,
TCPA ,
UK
The Situation: Unanimously passed by the California state legislature, the California Consumer Privacy Act of 2018 introduces the nation's most wide-ranging consumer data privacy laws.
The Result: New consumer protections...more
7/5/2018
/ Consumer Protection Laws ,
Cybersecurity ,
Data Collection ,
Disclosure Requirements ,
General Data Protection Regulation (GDPR) ,
Governor Brown ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Portability ,
Right to Be Forgotten ,
State and Local Government
JONES DAY CYBERSECURITY, PRIVACY & DATA PROTECTION ATTORNEY SPOTLIGHT: Richard Martinez -
Europe's new General Data Protection Regulation ("GDPR") is driving an evolution in corporate privacy practices globally. As...more
6/25/2018
/ Article 29 Working Party (WP29) ,
Australia ,
Canada ,
China ,
Cybersecurity ,
Data Breach ,
Data Protection Officers (DPOs) ,
Department of Defense (DOD) ,
Department of Health and Human Services (HHS) ,
Department of Homeland Security (DHS) ,
Enforcement Actions ,
ENISA ,
EU ,
EU Data Protection Laws ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hong Kong ,
Infrastructure ,
IRS ,
Japan ,
Latin America ,
Mexico ,
National Security ,
NIST ,
Personally Identifiable Information ,
Popular ,
Regulatory Oversight ,
Singapore ,
South America ,
State Data Breach Notification Statutes
On May 23, 2018, the U.S. Department of Justice ("DOJ") publicly announced its seizure of botnet infrastructure used by malware dubbed "VPNFilter." DOJ indicated that the sophisticated malware was linked to APT 28, the group...more
UNITED STATES -
Regulatory—Policy, Best Practices, and Standards -
United States and China Renew Promise Not to Hack -
On October 4, U.S. and Chinese officials agreed to not engage in targeted hacking. Per a...more
11/21/2017
/ Acquisitions ,
Argentina ,
Article 29 Working Party (WP29) ,
Australia ,
Belgium ,
Biometric Information Privacy Act ,
Blockchain ,
Canada ,
CCTV ,
Chile ,
China ,
CNIL ,
Connected Cars ,
COPPA ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Defense (DOD) ,
Department of Health and Human Services (HHS) ,
Driverless Cars ,
EDPS ,
ENISA ,
Equifax ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
France ,
General Data Protection Regulation (GDPR) ,
Germany ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Initial Coin Offering (ICOs) ,
International Data Transfers ,
Italy ,
Mexico ,
Mobile Apps ,
National Security ,
Netherlands ,
NIST ,
Online Advertisements ,
People's Bank of China ,
Personally Identifiable Information ,
Popular ,
Public Safety ,
Retail Investors ,
Search Engines ,
Securities and Exchange Commission (SEC) ,
Social Media ,
Spain ,
Stored Communications Act ,
TCPA ,
UK ,
Websites
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - FTC Comments on Improvements to IoT Device Security - On June 19, the Federal Trade Commission ("FTC") submitted comments to a working group organized by the...more
9/15/2017
/ Broker-Dealer ,
Computer Fraud and Abuse Act (CFAA) ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Privacy ,
Data Protection ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Internet of Things ,
Malware ,
Medical Records ,
NIST ,
RegTech ,
Retailers ,
Securities and Exchange Commission (SEC)
New York Attorney General Announces Record Number of Data Breach Notices in 2016 -
On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more
6/5/2017
/ Advertising ,
Argentina ,
Australia ,
Chile ,
CNIL ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Security ,
De-Identification ,
Department of Defense (DOD) ,
Department of Health and Human Services (HHS) ,
DNA ,
DPA ,
e-Privacy Directive ,
EDPS ,
Encryption ,
Enforcement Actions ,
ENISA ,
EU ,
FACTA ,
FCC ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
France ,
Fraud ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hong Kong ,
Information Commissioner's Office (ICO) ,
Information Sharing ,
Israel ,
Italy ,
Japan ,
Medical Records ,
Metadata ,
Mexico ,
National Security ,
Netherlands ,
NIST ,
Online Safety for Children ,
Patient Privacy Rights ,
Payroll Records ,
Personal Data ,
Personal Data Privacy Comission (PDPC) ,
Personally Identifiable Information ,
Popular ,
Privacy Policy ,
Repeal ,
Robocalling ,
Securities and Exchange Commission (SEC) ,
Singapore ,
Social Media ,
Spain ,
SWIFT ,
Telecommunications ,
Transparency ,
UK ,
Unmanned Aircraft Systems ,
USTR ,
XBRL Filing Requirements
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
3/15/2017
/ Actual Injuries ,
Advertising ,
Argentina ,
Australia ,
Banks ,
Belgium ,
Big Data ,
Canada ,
China ,
Class Action ,
Colombia ,
Connected Items ,
Consumer Protection Act ,
Controlled Unclassified Information (CUI) ,
Credit Cards ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Databases ,
Department of Homeland Security (DHS) ,
Department of Transportation (DOT) ,
Email Policies ,
ENISA ,
EU ,
EU Data Protection Laws ,
Fair Credit Reporting Act (FCRA) ,
Federal Breach Notification Standard ,
Federal Trade Commission (FTC) ,
FinTech ,
France ,
Fraud ,
General Data Protection Regulation (GDPR) ,
Germany ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hong Kong ,
Information Sharing ,
International Data Transfers ,
Investigatory Powers Act 2016 ,
Italy ,
Japan ,
Mexico ,
National Security ,
Netherlands ,
NIST ,
NYDFS ,
OCIE ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC) ,
Settlement Agreements ,
Singapore ,
Spain ,
Spokeo ,
Standing ,
State Data Breach Notification Statutes ,
Swiss Privacy Shield ,
Switzerland ,
TCPA ,
Telemarketing ,
UK ,
V2V ,
Web Tracking