The Federal Trade Commission (FTC or Commission) has amended its Standards for Safeguarding Customer Information, commonly known as the "Safeguards Rule," to require non-bank financial institutions to report certain data...more
Legislation requires data brokers to register with the California Privacy Protection Agency and comply with a one-stop consumer deletion mechanism by 2026 -
The wave of data privacy legislation in California continues as...more
10/4/2023
/ Audits ,
California ,
California Privacy Protection Agency (CPPA) ,
Data Brokers ,
Data Deletion ,
Data Privacy ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Legislative Agendas ,
New Legislation ,
Personal Data ,
Regulatory Oversight ,
Reporting Requirements ,
State Legislatures
Oregon becomes the 12th state with a comprehensive consumer data privacy law -
The Oregon Consumer Privacy Act (OCPA) became law on July 18, 2023. Oregon is the twelfth state to enact a comprehensive consumer data privacy...more
7/20/2023
/ Consumers ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
Data Security ,
Legislative Agendas ,
New Legislation ,
New Regulations ,
Oregon ,
Personal Data ,
Privacy Laws ,
State and Local Government ,
State Privacy Laws
Swiftly on the heels of the U.S. announcing it fulfilled its commitments for implementing the EU-U.S. Data Privacy Framework (the Framework), the European Commission (the EC) formally recognized that commercial organizations...more
7/14/2023
/ Court of Justice of the European Union (CJEU) ,
Data Security ,
Department of Justice (DOJ) ,
Department of Transportation (DOT) ,
Enforcement ,
EU Data Protection Laws ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Liability ,
Notice Requirements ,
ODNI ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
US-EU Safe Harbor Framework
The Texas Data Privacy and Security Act (TDPSA) became law on June 16, 2023. Texas becomes the 11th state to enact a comprehensive consumer data privacy law, joining California, Virginia, Colorado, Connecticut, Utah, Iowa,...more
7/7/2023
/ Biometric Information ,
Compliance ,
Consent ,
Data Privacy ,
Data Protection ,
Data Security ,
Fair Credit Reporting Act (FCRA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Non-Discrimination Rules ,
Notice Requirements ,
Opt-Outs ,
Popular ,
Private Right of Action ,
Reporting Requirements ,
SBA ,
Sensitive Personal Information ,
Small Business ,
State Privacy Laws ,
Texas
INCDPA takes business-friendly approach to data privacy, following Virginia, Utah, and Iowa -
Indiana has become the seventh state to enact a "comprehensive" data privacy law, joining California, Virginia, Colorado,...more
The federal government continues to put pressure on cloud service providers. On March 22, 2023, the Federal Trade Commission (FTC) issued a Request for Information (RFI) seeking public input on the market power and business...more
March 2023 was a consequential month for data privacy law. The California Office of Administrative Law (OAL) formally approved regulations issued by the California Privacy Protection Agency (CPPA) implementing the California...more
With the unanimous passage of Senate File 262 by the Iowa House and Senate and the Governor's signature Tuesday, the Hawkeye State joins California, Colorado, Connecticut, Virginia, and Utah as one of six states with a...more
3/31/2023
/ Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
New Legislation ,
Personal Information ,
Privacy Laws ,
Regulatory Reform ,
State Data Breach Notification Statutes ,
State Data Privacy Laws
For businesses subject to data breach notification requirements in Utah and Pennsylvania, a series of significant amendments will soon go into effect in both states. ...more
The Securities and Exchange Commission (SEC or Commission) voted on March 15, 2023, to propose three new sets of rules for data security, cybersecurity, and IT operational resilience. The newly proposed rules would, among...more
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the formation of a new program aimed at identifying and preventing ransomware attacks. The initiative is known as the Ransomware Vulnerability Warning...more