Please join Consumer Financial Services Partner Chris Willis and his colleagues Privacy + Cyber Associate Sadia Mirza and Privacy + Cyber Partner Kamran Salour as they discuss phishing. Kamran and Sadia break down what...more
Please find our seventh edition of the Cyber Capsule. As the year end approaches, there was a notable absence of prospective cyber-related regulation. Instead, this edition highlights the rising cost of ransomware, yet...more
According to the Verizon Wireless 2022 Data Breach Investigations Report, there are four prominent paths that threat actors use to gain unauthorized access into an organization’s network...
Originally published in Law360 on...more
In this episode of Unauthorized Access, Kamran and Sadia welcome their firm colleague, Privacy + Cyber Partner and Team Leader Ron Raether, in a discussion on consumer breach notices — specifically from Ron's perspective as a...more
Welcome to the sixth edition of the Cyber Capsule. This edition focuses on protecting judges’ personal information; an uptick in phishing; a regulatory decision and a judicial opinion, each of which may impact how companies...more
For nearly 20 years, October has served as Cybersecurity Awareness Month. To highlight the importance of being cyber ready, we will release weekly tricks and treats as part of this four-part series to make your business more...more
The holiday season is around the corner. For most of us, it is a time of joy, cheer, excitement, and hopefully some relaxation. For cyber criminals, however, this is the busy season (same goes for Santa and his elves).
...more
Can cyber investigations be canned? Find out what Sadia, Kamran, and this month’s guest, Shawn Tuma of Spencer Fane, have to say. The gloves come off as these three breach coaches duke it out for the final word on this topic....more
Please find our fourth edition of the Cyber Capsule. As in months past, we continue to see an emphasis on two trends — an emphasis on cybersecurity funding and an emphasis on information sharing. Information sharing, however,...more
Exemption Extensions Failed. On August 31, California's legislature ended its 2022 session without adopting legislation to extend the California Consumer Privacy Act (CCPA) employee and business-to-business (B2B) personal...more
With the notice and cure set to expire on January 1, 2023, California Attorney General Rob Bonta (CA AG) provided a glimpse at what to expect with its first settlement of alleged violations of the California Consumer Privacy...more
9/1/2022
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Privacy Laws ,
Sephora ,
Statutory Violations
In this episode of Unauthorized Access, Kamran and Sadia welcome Tony Kirtley of Secureworks. Tony discusses the emotional response to a ransomware attack, particularly how the emotional response mirrors the Kübler-Ross five...more
Welcome to the second edition of Troutman Pepper’s Cyber Capsule, which recaps last month’s noteworthy developments, including updates to reporting rules and cybercrime sharing, and other tidbits of information relating to...more
Hello and welcome to the inaugural edition of Troutman Pepper’s Cyber Capsule. The Cyber Capsule gathers noteworthy news from the prior month and groups them here. You might be asking yourself why am I receiving this? Well,...more
The California Privacy Rights Act (CPRA) established the California Privacy Protection Agency (CPPA), and requires the CPPA to adopt, amend, and rescind regulations on 22 topics — including, among other things, definitions,...more
The California Privacy Rights Action (CPRA) will significantly impact how entities process personal information requiring covered businesses to review and update their existing vendor agreements. The CPRA also includes...more
Introduction As of March 22, 11 states have wrapped up their 2022 legislative sessions. In these early sessions, privacy legislation was considered in seven of the 11 states that have completed their 2022 sessions, namely...more
On February 23, the Wisconsin House passed Assembly Bill 957 (AB 957), a bill relating to consumer data protection. This legislation is based on the Virginia Consumer Data Protection Act (VCDPA) and provides consumers with...more
On February 3, a New York magistrate judge recommended dismissing a class action against medical management company, Professional Business System d/b/a Practicefirst Medical Management Solutions in Tassmer v. Professional...more
EDITOR’S NOTE: There was no respite in privacy and cyber law in December 2021, despite the holidays and COVID-19 case surge. Domestically, U.S. regulators stepped up their efforts, signaling their focus on privacy policies...more
Entities that collect Wisconsin residents’ personal information and are licensed, registered, or authorized (licensee) with the Office of the Commissioner of Insurance (commissioner) will have to abide by a new data security...more
Like the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act of 2020 (CPRA), the Virginia Consumer Data Protection Act (VCDPA) does not grant a private right of action for alleged violations...more
Identifying data processing obligations is tricky, especially as overlapping privacy laws are enacted. Compliance will always hinge on understanding what laws jurisdictionally apply and a firm grasp of the data collected and...more
As we noted in Part One of this Series, which provides an introduction and overview of the Virginia Consumer Data Protection Act, most privacy laws – including those adopted in the United States – are built on the Fair...more
We have long predicted that just as other states followed California in passing breach notification laws, states would follow in California’s footsteps in regulating information privacy practices with the California Consumer...more