NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
2/13/2024
/ Artificial Intelligence ,
Biometric Information ,
Biometric Information Privacy Act ,
Consumer Financial Products ,
Consumer Fraud ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
NIST ,
Personal Information ,
Personally Identifiable Information ,
Popular ,
Putative Class Actions
On November 30, the Illinois Supreme Court unanimously ruled that the Biometric Information Privacy Act (BIPA) does not apply to health care workers whose fingerprints are collected, stored, and used to access medication and...more
12/19/2023
/ Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Employee Privacy Rights ,
Fingerprints ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Workers ,
IL Supreme Court ,
Illinois ,
Privacy Laws ,
State Privacy Laws ,
Statutory Interpretation ,
Technology
Editor’s Note: The FTC continues to crack down on privacy and cybersecurity, including issuing a new warning to tax preparation companies and entering into a consent decree with 1Health.io. VPPA and BIPA litigation continues...more
11/28/2023
/ Artificial Intelligence ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consent Order ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Final Rules ,
Financial Institutions ,
Gramm-Leach-Blilely Act ,
Motion to Dismiss ,
NIST ,
Personal Information ,
Popular ,
Privacy Policy ,
Putative Class Actions ,
Safeguards Rule ,
State Attorneys General
This summer, the U.S. District Court for the Southern District of Illinois further bolstered Illinois’ Biometric Information Privacy Act’s (BIPA) nearly unfettered private right of action in Lewis v. Maverick Transportation....more
Editor’s Note: As the summer months come to an end, there has been no shortage of privacy news and updates. Oregon signed both a comprehensive privacy law and data broker law, and the SEC adopted new rules regarding the...more
9/15/2023
/ Biometric Information ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Fingerprints ,
Popular ,
Securities and Exchange Commission (SEC)
Editor’s Note: Iowa became the sixth state in the nation to enact a comprehensive privacy law, and California’s latest privacy regulations came into effect. At the federal level, Congress experienced a leak of sensitive...more
Editor’s Note: The U.S. Marshals Service suffered a data breach, demonstrating that no one is immune from such an occurrence. In regulatory news, government agencies remained focused on privacy, as the SEC proposed amendments...more
Editor’s Note: As the nation celebrated National Privacy Day on January 28, in regulatory news, the Colorado AG published a third version of its proposed regulations, and the CPPA voted to submit its draft regulations to the...more
Q: Does a BIPA claim accrue each time a person’s biometrics are scanned or only with the first such scan?
A: A BIPA claim accrues with each scan....more
On February 2, the Illinois Supreme Court determined in Tims v. Blackhorse Carriers, Inc. that all claims under the Biometric Information Privacy Act (BIPA) have a five-year statute of limitations. This ruling clarified the...more
Editor’s Note: In regulatory news, the Federal Trade Commission extended the deadline to comply with the Safeguards Rule, and Health and Human Services issued guidance for the use of online tracking technology under HIPAA. In...more
Editor’s Note: The California Privacy Protection Agency released amendments to its draft regulations, and the Consumer Finance Protection Bureau contemplates rulemaking on sharing financial data. In U.S. litigation, the first...more
On October 17, a U.S. District Court for the Western District of Washington issued an order and judgment, ending two related putative class actions alleging tech companies violated Illinois’ Biometric Information Privacy Act...more
Editor’s Note: In the U.S. laws and regulation space, the White House is focusing on privacy, evident through its session on accountability for big tech and the recent executive order highlighting cybersecurity risks....more
10/18/2022
/ Biometric Information ,
Biometric Information Privacy Act ,
CFIUS ,
COPPA ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
GAO ,
Popular ,
Proposed Regulation
Editor’s Note: In the U.S. laws and regulation space, federal lawmakers continued to push the American Data Privacy and Protection Act forward, and the FTC pledged to enforce the law against the illegal use of highly...more
On May 9, Clearview AI (Clearview) and the American Civil Liberties Union (ACLU) reached a settlement whereby Clearview agreed to a nationwide injunction blocking many private entities, and some public entities, from...more
Editor’s Note: Connecticut became the fifth state in the nation to successfully pass a comprehensive privacy bill (now awaiting its governor’s signature), following California, Colorado, Utah, and Virginia. Meanwhile,...more
5/13/2022
/ Advisory Committee ,
Artificial Intelligence ,
Biometric Information Privacy Act ,
Class Action ,
Connecticut ,
Data Privacy ,
Digital Services ,
Electronically Stored Information ,
Employee Tracking ,
EU ,
False Claims Act (FCA) ,
GINA ,
Personal Data ,
State Privacy Laws ,
Stored Communications Act ,
U.S. Commerce Department
Editor’s Note: Utah became the fourth state in the nation to successfully pass a comprehensive privacy bill, following California, Colorado, and Virginia. Meanwhile, seven other states failed at their own attempts, including...more
Q: What states have biometric laws and what does this mean for my company? ...more
Introduction: Biometric Laws in 2022 -
In the first quarter of 2022 alone, no fewer than seven states have introduced biometric laws — California, Kentucky, Maine, Maryland, Massachusetts, Missouri, and New York — generally...more
On February 14, Northern District of Illinois Judge Sharon Johnson Coleman rejected Clearview AI’s arguments that Illinois’ Biometric Information Privacy Act (BIPA) violated the First Amendment....more
Editor’s Note: Organizations continue calling for a comprehensive federal privacy law, and U.S. states continue trying to fill the void by proposing their own such laws. The latest states to do so include Mississippi and...more
Q. Does the Workers’ Compensation Act bar a claim for damages under Illinois’ Biometric Privacy Act (BIPA)? ...more
Q. My company uses dash-cams to monitor driver conduct, but the company is not located in Illinois. Do I still have to comply with the Biometric Information Privacy Act? ...more
EDITOR’S NOTE: There was no respite in privacy and cyber law in December 2021, despite the holidays and COVID-19 case surge. Domestically, U.S. regulators stepped up their efforts, signaling their focus on privacy policies...more