In a settlement with Marriott International and its subsidiary Starwood hotels and Resorts Worldwide, the FTC will require Marriott to implement a new comprehensive data security program. The settlement stems from a series of...more
As the manufacturing industry increasingly relies on advanced technology such as the industrial internet of things, automation and big data, manufacturers are particularly susceptible to cyberattacks. Manufacturing operations...more
In March 2020, the Cybersecurity Mandate within New York’s Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) went into effect. In its entirety, the SHIELD Act expanded breach notification obligations for...more
On Dec. 20, 2023, the Federal Trade Commission (FTC) published a Notice of Proposed Rulemaking (NPRM) to the Children’s Online Privacy Protection Act (COPPA). COPPA was enacted in 1998 and went into effect in 2000. Under...more
On Nov. 27, 2023, Nashville-based healthcare corporation Ardent Health Services (Ardent) announced that a ransomware attack impacted 30 of its hospitals and forced the shutdown of several emergency rooms in at least three...more
On Jan. 10, 2023, the Federal Trade Commission (FTC) finalized its order against online alcohol marketplace, Drizly, and its CEO, James Cory Rellas for failing to implement security safeguards that led to a data breach in...more
On June 5, 2023, the Nevada Legislature passed an amended version of Senate Bill 370 (SB 370 or the Act), which imposes new requirements on the collection, use and sale of consumer health data. The bill was signed on June 22,...more
On Dec. 19, 2022, Epic Games, the developer of popular video game Fortnite, agreed to pay more than $520 million to settle Federal Trade Commission (FTC) claims that alleged a violation of the Children’s Online Privacy...more
On Jan. 1, 2023, both the California Privacy Rights Act (CPRA) and Virginia Consumer Data Privacy Act (VCDPA) come into effect, introducing new and updated data privacy and security obligations to covered entities. As these...more
New York’s Cybersecurity mandate under the New York SHIELD Act became effective on March 22, 2020. This unfortunate timing, considering its alignment with the beginning of COVID-19 shutdowns, created an almost unspoken...more
Zoetop, the parent company behind online fashion retailers SHEIN and ROMWE, has been fined $1.9 million by New York State after it failed to properly inform customers of a data breach that affected millions of users. A...more
Schools and universities are increasingly the targets of ransomware attacks. So, it is not surprising that the second largest school district in the U.S., the Los Angeles Unified School District (LA Unified) was hit by a...more
New York's SHIELD Act, which became effective on March 21, 2020, requires persons and organizations that own or license electronic data that includes New York resident’s private information to maintain reasonable...more
The cybersecurity and data privacy legal landscape continues its rapid evolution. Below is an outline of some of the most significant developments in the last quarter.
Federal Legislation:
In June, a bipartisan...more
How do you get ahead of a ransomware attack in the healthcare delivery environment? By acting, now. A quick way to organize? Look at the 405(d) group’s work, including its recently released ransomware infographic....more
On Aug. 20, 2021, the Standing Committee of China’s National’s People’s Congress, the top legislative body of the People’s Republic of China, adopted a national privacy law. The extensive law, named the Personal Information...more
With the outbreak of Coronavirus in the U.S., virtual meeting apps have seen an exponential increase in usage. From business meetings and remote real estate walk throughs, to online schooling to virtual happy hours—countless...more
Taking effect March 21, 2020, the New York Stop Hacks and Improve Electronic Date Security Act (SHIELD Act), imposes several potentially onerous compliance requirements on businesses operating in (and even some outside of)...more
On the last day of its 2019 session, the California legislature passed six bills that amend and clarify key provisions of the California Consumer Privacy Act (the “CCPA”), the state’s landmark 2018 data privacy law. The CCPA,...more
12/5/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Governor Newsom ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Private Right of Action ,
Right to Delete
As you likely already know, on July 25, 2019, Governor Cuomo signed into law the New York Stop Hacks and Improve Electronic Data Security Act (“SHIELD” or “the Act”). Imbedded in the dense text of the Act are upcoming...more