Introduction As of March 22, 11 states have wrapped up their 2022 legislative sessions. In these early sessions, privacy legislation was considered in seven of the 11 states that have completed their 2022 sessions, namely...more
California Privacy Protection Agency Director Ashkan Soltani recently announced that long-awaited regulations related to the California Privacy Rights Act (CPRA) would be delayed. The agency initially scheduled a July 1...more
On February 25, the Utah Senate passed the Utah Consumer Privacy Act (the UCPA), which closely resembles both the Virginia Consumer Data Protection Act (the VCDPA) and the Colorado Privacy Act (the CPA). The House unanimously...more
On February 23, the Wisconsin House passed Assembly Bill 957 (AB 957), a bill relating to consumer data protection. This legislation is based on the Virginia Consumer Data Protection Act (VCDPA) and provides consumers with...more
On February 18, California lawmakers proposed two bills that further extend the existing employee and business-to-business (B2B) data exemptions included in the California Consumer Privacy Act and the California Privacy...more
On February 3, a New York magistrate judge recommended dismissing a class action against medical management company, Professional Business System d/b/a Practicefirst Medical Management Solutions in Tassmer v. Professional...more
On January 13, Him Das, the acting head of the Financial Crimes Enforcement Network (FinCEN), highlighted ransomware as a chief national security risk. At the Financial Crimes Enforcement Conference, Das suggested that the...more
On January 28, California Attorney General Rob Bonta announced that his office was beginning an “investigative sweep” of businesses operating consumer loyalty programs in California. The California AG’s press release stated...more
EDITOR’S NOTE: There was no respite in privacy and cyber law in December 2021, despite the holidays and COVID-19 case surge. Domestically, U.S. regulators stepped up their efforts, signaling their focus on privacy policies...more
Entities that collect Wisconsin residents’ personal information and are licensed, registered, or authorized (licensee) with the Office of the Commissioner of Insurance (commissioner) will have to abide by a new data security...more
The California Privacy Protection Agency (CPPA) is the first state privacy agency in the nation and was created as part of the California Privacy Rights Act (CPRA). While this agency has already been formed, it will not begin...more
A U.S. district judge in Illinois recently denied a motion to dismiss in a class action involving an alleged violation of the Illinois’ Right of Publicity Act (IRPA). The court determined that the defendant’s arguments were...more
For most of 2020, the world struggled with COVID-19 and its effects.
Earlier in the pandemic, we published a Law360 guest article offering privacy guidance to developers interested in creating contact-tracing...more
Like the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act of 2020 (CPRA), the Virginia Consumer Data Protection Act (VCDPA) does not grant a private right of action for alleged violations...more
Identifying data processing obligations is tricky, especially as overlapping privacy laws are enacted. Compliance will always hinge on understanding what laws jurisdictionally apply and a firm grasp of the data collected and...more
In Gardiner v. Walmart, Inc., a Walmart customer who purchased goods online filed a putative class action alleging that Walmart's cybersecurity procedures led to a purported unauthorized disclosure of his personal identifying...more
One key area where Virginia’s Consumer Data Protection Act (CDPA) differs from the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act of 2020 (CPRA) is the law’s notice and disclosure...more
As we noted in Part One of this Series, which provides an introduction and overview of the Virginia Consumer Data Protection Act, most privacy laws – including those adopted in the United States – are built on the Fair...more
We have long predicted that just as other states followed California in passing breach notification laws, states would follow in California’s footsteps in regulating information privacy practices with the California Consumer...more
2020 was a transformative year for the consumer financial services world. As we navigate an unprecedented volume of industry regulation, Troutman Pepper is uniquely positioned to help its clients find successful resolutions...more
3/3/2021
/ Background Checks ,
Banking Sector ,
Bankruptcy Code ,
Banks ,
CARES Act ,
Consumer Financial Protection Bureau (CFPB) ,
Coronavirus/COVID-19 ,
Debt Collection ,
Debt Collectors ,
ECOA ,
Fair Credit Reporting Act (FCRA) ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
Lenders ,
Student Loans ,
TCPA
On October 12, less than a month before California will vote on a referendum that would significantly overhaul the California Consumer Privacy Act (CCPA), the California attorney general released a third set of Proposed...more
10/15/2020
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Proposed Regulation ,
Public Comment
CCPA 2.0: A Refresher -
Just as the dust from the CCPA began to settle, on June 24, 2020, the California Secretary of State released a memorandum stating that the California Privacy Rights Act (the “CPRA”), also known as...more
On August 14, 2020, the final regulations for the California Consumer Privacy Act (CCPA) (available here) were approved by the California Office of Administrative Law (OAL) and are effective immediately. The CCPA has...more
Enforcement of the California Consumer Privacy Act (CCPA) began July 1, 2020. Our privacy team at Troutman Pepper includes several attorneys who worked in an attorney general’s office. This privacy regulatory team has...more
8/11/2020
/ Advertising ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Personal Information ,
Prior Express Consent ,
Social Media ,
State Attorneys General ,
Web Content Accessibility Guidelines (WCAG) ,
Website Owner Liability
Enforcement of the California Consumer Privacy Act (CCPA) began July 1, 2020. Our privacy team at Troutman Pepper includes several attorneys who worked in an attorney general’s office. This privacy regulatory team has...more
7/29/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Use Policies ,
Enforcement Authority ,
Notice Requirements ,
Opt-Outs ,
Privacy Policy ,
Vendors