On October 27, the Federal Trade Commission (“FTC”) unanimously voted to amend the Safeguards Rule to require non-banking financial institutions to report data breaches and security events to the Agency. This amendment will...more
On May 28, Texas became the sixth state this year to pass a comprehensive data protection law. Although the Texas Data Privacy and Security Act (“TDPSA”) is largely in line with the Virginia Consumer Data Protection Act and...more
The State of Washington appears close to enacting a new law that regulates the privacy of consumer health information. If passed, the new law – the My Health My Data Act (MHMDA) –would take effect March 31, 2024 and apply...more
On March 15, 2023, the Iowa House passed Senate Bill 262 on a 97-0 vote. The Bill had previously passed the Iowa Senate on March 6, 2023. If ultimately signed by Iowa Governor Kim Reynolds, Iowa would join California,...more
The AI application ChatGPT quickly became a household name, but already is morphing into a more advanced version of generative AI. At the same time, Microsoft’s redesigned Bing search engine will soon run on a new,...more
2022 proved to be an historic year for privacy and data security, and 2023 is likely to follow suit. With privacy compliance deadlines looming under three state laws, a surge in data privacy litigation, new federal...more
Many privacy professional may have missed it, but In the run-up to the New Year — while many U.S. companies were focused on complying with the California Privacy Rights Act (CPRA) — Congress passed an appropriations bill that...more
2022 proved to be an historic year for privacy and data security. Connecticut and Utah joined the list of states that have now passed comprehensive data privacy laws, bringing the total to five (5) states. For the first...more
In early November, Pennsylvania amended its data breach notification law broadening the definition of personal information. The amendment adds “health insurance information” and “medical information” as data elements that...more
After discussing what the Metaverse is and its possible uses by providers of legal and other services, we look at an array of legal issues that should be considered by lawyers and their clients operating in the Metaverse or...more
With the CPRA set to become effective in a little more than three months, Ballard Spahr partners Phil Yannella and Greg Szewczyk discuss CPRA rule-making, the recent Sephora settlement, and outline key compliance steps that...more
The Federal Trade Commission (FTC) recently issued a blog post stating that a failure to disclose a data breach may be a violation of Section 5 of the FTC Act. The May 20 blog post, titled Security Beyond Prevention: The...more
The Federal Trade Commission (FTC) recently issued a blog post stating that a failure to disclose a data breach may be a violation of Section 5 of the FTC Act. The May 20 blog post, titled Security Beyond Prevention: The...more
The California Privacy Protection Agency (“CPPA”) scheduled a Board Meeting for June 8th, in which it will be discussing and possibly taking action with regard to the much anticipated CPRA enforcing regulations. To...more
The last few months have seen a flurry of new federal cybersecurity incident reporting requirements and proposals impacting private entities in the financial sector. As the number and frequency of cyber attacks continue to...more
In a series of recent statements and releases, Lina Khan, the Chair of the FTC, made clear the Commission’s intention to revamp its oversight of consumer data privacy and establish more substantive limits on commercial data...more
2021 proved to be a momentous year for privacy and data security law. The scourge of ransomware continued last year, leading to record-setting ransomware payments, a muscular response from the federal government, a hardening...more
On October 27, the Federal Trade Commission (FTC) announced a final rule (Final Rule) and supplemental notice of proposed rulemaking (NPRM) to amend the Safeguards Rule promulgated under the Gramm-Leach-Bliley Act (GLBA),...more
With a little over a year of enforcing the California Consumer Privacy Act (CCPA) under its belt, the Office of the California Attorney General (OAG) recently held a press conference to announce updates on its CCPA...more
Following in the footsteps of the Eastern District of Virginia’s Capital One decision last year and the District of D.C.’s Clark Hill decision earlier this year, the Eastern District of Pennsylvania has just ordered the...more
After a pandemic-related hiatus in 2020, a number of U.S. states have proposed new data privacy laws in 2021 – and several are very close to passage. Virginia’s proposed data privacy law appears to be the closest and is...more
The Administrative Office of the U.S. Courts (the “AO”) recently disclosed that it has initiated an investigation into an apparent compromise in security of the Judiciary’s Case Management/Electronic Case Files System...more
The California Attorney General’s Office recently released a fourth set of proposed regulatory modifications to the California Consumer Privacy Act (the “CCPA”)....more
Assaults on Section 230 of the Communications Decency Act (the “CDA”)—which shields online platforms from civil liability for third party content on their services—are abundant these days. On October 15, 2020, FCC Chairman...more
The California Attorney General’s Office released its long-awaited proposed CCPA Regulations yesterday. The proposed Regulations are 24 pages long, and address a number of important technical compliance issues including...more
10/11/2019
/ Attorney General ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Information Sharing ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government