Recently, the Iowa Legislature sent a bill to Iowa Governor Kim Reynolds for her signature that would make Iowa the sixth state to enact a comprehensive privacy law. The Iowa Senate unanimously passed Senate File 262 (SF 262)...more
Editor’s Note: The U.S. Marshals Service suffered a data breach, demonstrating that no one is immune from such an occurrence. In regulatory news, government agencies remained focused on privacy, as the SEC proposed amendments...more
Editor’s Note: As the nation celebrated National Privacy Day on January 28, in regulatory news, the Colorado AG published a third version of its proposed regulations, and the CPPA voted to submit its draft regulations to the...more
It is 2022, which means you’ve received your fair share of consumer breach notification letters.
Originally published in Law360 on September 30, 2022....more
Editor’s Note: In regulatory news, the Federal Trade Commission extended the deadline to comply with the Safeguards Rule, and Health and Human Services issued guidance for the use of online tracking technology under HIPAA. In...more
According to the Verizon Wireless 2022 Data Breach Investigations Report, there are four prominent paths that threat actors use to gain unauthorized access into an organization’s network...
Originally published in Law360 on...more
Editor’s Note: The California Privacy Protection Agency released amendments to its draft regulations, and the Consumer Finance Protection Bureau contemplates rulemaking on sharing financial data. In U.S. litigation, the first...more
In this episode of Unauthorized Access, Kamran and Sadia welcome their firm colleague, Privacy + Cyber Partner and Team Leader Ron Raether, in a discussion on consumer breach notices — specifically from Ron's perspective as a...more
Editor’s Note: In the U.S. laws and regulation space, the White House is focusing on privacy, evident through its session on accountability for big tech and the recent executive order highlighting cybersecurity risks....more
10/18/2022
/ Biometric Information ,
Biometric Information Privacy Act ,
CFIUS ,
COPPA ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
GAO ,
Popular ,
Proposed Regulation
Please join Consumer Financial Services Partner Chris Willis and his colleagues Ron Raether and Kim Phan, partners in our Privacy + Cyber Practice Group, as they discuss recent privacy and data security updates in the...more
Editor’s Note: In the U.S. laws and regulation space, the California attorney general announced the first-ever CCPA settlement, the California Privacy Protection Agency raised objections to the ADPPA, and the FTC announced...more
Exemption Extensions Failed. On August 31, California's legislature ended its 2022 session without adopting legislation to extend the California Consumer Privacy Act (CCPA) employee and business-to-business (B2B) personal...more
With the notice and cure set to expire on January 1, 2023, California Attorney General Rob Bonta (CA AG) provided a glimpse at what to expect with its first settlement of alleged violations of the California Consumer Privacy...more
9/1/2022
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Privacy Laws ,
Sephora ,
Statutory Violations
On July 29, New York State’s Department of Financial Services (NYDFS) released draft amendments (Draft Amendments) to its Part 500 Cybersecurity Regulation for financial service companies that, among others things: (1)...more
On August 11, the Consumer Financial Protection Bureau (CFPB) published a circular, answering the question “Can entities violate the prohibition on unfair acts or practices in the Consumer Financial Protection Act (CFPA) when...more
Editor’s Note: In the U.S. laws and regulation space, federal lawmakers continued to push the American Data Privacy and Protection Act forward, and the FTC pledged to enforce the law against the illegal use of highly...more
Background on the PIPL Security Assessment. On July 7, China’s top regulator, the Cyberspace Administration of China (CAC), released the final version of the Measures for Security Assessment of Data Exports (Security...more
Editor’s Note: In the U.S. laws and regulation space, federal lawmakers formally introduced bipartisan comprehensive federal privacy legislation titled, the American Data Privacy and Protection Act. Meanwhile, California...more
Like most industries today, Consumer Finance Services businesses continue to be significantly impacted by COVID-19. To help you keep abreast of relevant activities, below find a breakdown of some of the biggest legislative...more
Editor’s Note: This past month featured increased activity in privacy and data protection. U.S. Legislation and Regulation. Connecticut’s governor signed a comprehensive privacy bill, and President Biden has before him a bill...more
The California Privacy Rights Act (CPRA) established the California Privacy Protection Agency (CPPA), and requires the CPPA to adopt, amend, and rescind regulations on 22 topics — including, among other things, definitions,...more
The California Privacy Rights Action (CPRA) will significantly impact how entities process personal information requiring covered businesses to review and update their existing vendor agreements. The CPRA also includes...more
On May 9, Clearview AI (Clearview) and the American Civil Liberties Union (ACLU) reached a settlement whereby Clearview agreed to a nationwide injunction blocking many private entities, and some public entities, from...more
As we explained in an earlier installment, most privacy law derive from the Fair Information Practice Principles (FIPPs). The FIPPs provide, in part, that consumers should be given notice of how their information will be used...more
Creation of CyTech. On May 9, the National Association of Attorneys General (NAAG) announced the creation of the NAAG Center on Cyber and Technology (CyTech), joining a number of other centers focused upon key issues for...more