DoorDash, Inc. recently settled with the California Attorney General for alleged violations of the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA). This is only the second...more
CYBERSECURITY
HC3 Warns Health Sector About Social Engineering Attacks Against IT Help Desks -
The Health Sector Cybersecurity Coordination Center (HC3) recently issued an Alert warning that “threat actors employing...more
4/12/2024
/ California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Information Technology ,
Risk Management
The California Privacy Protection Agency (CPPA) recently issued an enforcement advisory encouraging covered businesses to focus on their data minimization obligations related to consumer requests under the California Consumer...more
The Federal Trade Commission (FTC) has declined to approve a new method for obtaining parental consent under the Children’s Online Privacy Protection Act (COPPA) that would involve analyzing facial geometry to verify an...more
CYBERSECURITY -
City of Pensacola Services Disrupted by Cyber-Attack -
Adding to the list of many other municipalities, the city of Pensacola, Florida, was hit with a cyber-attack last weekend that affected services to...more
3/22/2024
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Machine Learning ,
Online Platforms ,
Tracking Systems ,
Vulnerability Assessments
The California Privacy Protection Agency’s (CPPA) highly anticipated regulations for automated decision-making technology and risk assessment requirements are likely far from final. The CPPA met at the beginning of the month...more
Convergent Outsourcing Inc., a debt-collection agency, settled a data breach class action in the U.S. District Court for the Western District of Washington for $2.45 million. The class action suit against Convergent alleged...more
CYBERSECURITY -
CISA, FBI + MS-ISAC Issue Warning on Phobos Ransomware -
To help organizations protect against ransomware, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a...more
3/11/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Biden Administration ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Executive Orders ,
FBI ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
Ransomware ,
Vulnerability Assessments
CYBERSECURITY CISA-
FBI + MS-ISAC Issue Warning on Phobos Ransomware-
To help organizations protect against ransomware, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a...more
On February 28, 2024, the Justice Department published an Advanced Notice of Proposed Rulemaking (ANPRM) to seek public comments on the establishment of a new regulatory regime to restrict U.S. persons from transferring bulk...more
3/8/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Cross-Border Transactions ,
Cybersecurity ,
Data Brokers ,
Department of Homeland Security (DHS) ,
Executive Orders ,
Foreign Nationals ,
International Emergency Economic Powers Act (IEEPA) ,
National Security ,
Personal Data ,
Regulatory Agenda
The Connecticut Data Privacy Act (CDPA), which became effective on July 1, 2023, provides Connecticut residents with certain rights over their personal information and establishes responsibilities and privacy protection...more
2/12/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Information Technology ,
Regulatory Reform ,
Regulatory Requirements ,
State Attorneys General ,
State Data Privacy Laws
CYBERSECURITY -
Ransomware Hitting U.S. Companies at Increasing Rate -
Unfortunately, according to Unit 42 of Palo Alto’s recently published “Ransomware and Extortion Report,” ransomware groups had a good year in 2022....more
CYBERSECURITY CISOs:
New Report Outlines Risks of LLMs -
I hang out with a lot of Chief Information Security Officers (CISOs), so this piece is for them. Of course, it will be of interest to all security professionals...more
2/2/2024
/ Artificial Intelligence ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Mercedes-Benz ,
Risk Management ,
Vulnerability Assessments
Last week, California Attorney General Rob Bonta announced a new enforcement focus on streaming apps’ failure to comply with the California Consumer Privacy Act (CCPA). This investigation will examine whether streaming...more
CYBERSECURITY -
Mozilla Releases Security Updates for Thunderbird and Firefox -
Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
1/31/2024
/ Baby Boomers ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Generation Z ,
Location Data ,
Personally Identifiable Information ,
Vulnerability Assessments
CYBERSECURITY-
Mozilla Releases Security Updates for Thunderbird and Firefox -
Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
1/26/2024
/ California Privacy Protection Agency (CPPA) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
FBI ,
Federal Trade Commission (FTC) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Location Data ,
Mozilla ,
Network Security ,
Vulnerability Assessments
Last week, a federal complaint was filed against Andrew Hernandez in federal District Court in California charging him with the unsafe operation of an unmanned aircraft (or drone). The allegations against Hernandez include...more
Last week, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released Cybersecurity Guidance: Chinese-Manufactured Unmanned Aircraft Systems (UAS), which outlines the...more
Last week, the California Privacy Protection Agency (CPPA) launched a new website dedicated to providing resources to California residents about their privacy rights under the California Consumer Privacy Act (CCPA). The...more
1/26/2024
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Online Platforms ,
Regulatory Requirements ,
Rulemaking Process ,
State Privacy Laws ,
Websites
CYBERSECURITY -
SEC’s Hacked X Account Leads to Tumultuous Bitcoin Market -
The Securities and Exchange Commission has confirmed that its X account “was compromised, and an unauthorized post was posted.” The SEC...more
1/12/2024
/ 23andMe ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Genetic Materials ,
Hackers ,
Information Governance ,
Personally Identifiable Information ,
Securities and Exchange Commission (SEC) ,
State Data Privacy Laws ,
Twitter
Similar to the well-known California Consumer Privacy Act, on July 1, 2024, the Colorado Privacy Act (CPA) goes into effect and will provide Colorado residents with express rights over their data collected by businesses. The...more
1/12/2024
/ Colorado ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Priorities ,
Opt-Outs ,
Personal Data ,
Regulatory Agenda ,
Regulatory Reform ,
State Data Privacy Laws
The California Privacy Protection Agency (CPPA) recently met to discuss automated decision-making technology, privacy risk assessments and cybersecurity audits under the California Consumer Privacy Act (CCPA) as amended by...more
12/27/2023
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Regulatory Agenda ,
Regulatory Requirements ,
Rulemaking Process ,
State Privacy Laws
Last week, the California Privacy Protection Agency (CPPA) voted in favor of a legislative proposal that would require web browsers to include a feature that allows web users the ability to exercise their privacy rights under...more
12/22/2023
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Regulatory Agenda ,
Right to Privacy ,
State Data Privacy Laws ,
Web Browsers ,
Websites
CYBERSECURITY -
New York Governor Proposes Cybersecurity Regulations for NY Hospitals -
On November 13, 2023, Governor Kathy Hochul released proposed cybersecurity regulations applicable to all hospitals located within...more
11/17/2023
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Corporate Sales Transactions ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
FCC ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Agenda ,
Regulatory Reform
Data privacy and cybersecurity risks are critical components of M&A transactions due to the potential exposure for legal liability for non-compliance, as well as the financial and reputational harm and the material impact...more
11/17/2023
/ Acquisition Agreements ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cooperative Compliance Regime ,
Corporate Sales Transactions ,
Cybersecurity ,
Data Privacy ,
Due Diligence ,
Failure to Comply ,
Merger Agreements ,
Popular