Latest Publications

Share:

Illinois Adopts Business-Favorable Amendment to Biometric Information Privacy Act

The Illinois Biometric Information Privacy Act (“BIPA”) has posed significant litigation risk to businesses collecting biometric information since its adoption in 2008. Last year, an Illinois Supreme Court decision magnified...more

Living in a Material World: SEC Clarifies Expectations Regarding Form 8-K Disclosure of Material Cybersecurity Incidents

Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more

No Money, Mo’ Problems: DoorDash CCPA Enforcement Action Emphasizes Personal Information “Sales” Aren’t All About the Benjamins

The California Attorney General (“AG”) recently delivered (pun very much intended) a public CCPA enforcement action against DoorDash, its second following the 2022 settlement with Sephora. The DoorDash action stems from a...more

Empire State of Security: New York DFS Finalizes Significant Amendment to Financial Services Cybersecurity Regulation

The New York State Department of Financial Services (“NYDFS”), which regulates financial services institutions including banks, insurance companies, and mortgage brokers, finalized an amendment to its Cybersecurity Regulation...more

Nothing But NetChoice: Federal Court Blocks Enforcement of California Age-Appropriate Design Code

A federal court in the Northern District of California recently granted a preliminary injunction in NetChoice v. Bonta that enjoins enforcement of the California Age-Appropriate Design Code (“Code”), which would have taken...more

Same Old, Not Quite Same Old: Montana and Tennessee Adopt Comprehensive Privacy Laws, with a Unique Twist in Tennessee

The comprehensive state privacy law trend (and the related trend of enhanced job security for privacy professionals) shows no sign of slowing. Last month the Montana legislature passed the Montana Consumer Data Privacy Act...more

Privacy in the Heartland: Iowa to Become Sixth State with a Comprehensive Privacy Law

An Iowa comprehensive privacy law bill titled An Act Relating to Consumer Data Protection, Providing Civil Penalties, and Including Effective Date Provisions recently passed both chambers of the Iowa legislature with no...more

2022 Hindsight: Breach Notification Year in Review

While new comprehensive state privacy laws took most of the headlines this year, security threats and incident response remain key risk factors for privacy compliance programs and the subject of important legal developments....more

Minor Keys: Major Takeaways from New California Online Children’s Privacy Law

The California Age-Appropriate Design Code Act (the “Act”) recently became law and includes a number of online privacy-related requirements related to individuals under the age of 18. The statute is similar to, and expressly...more

Special (Category) Edition: CJEU Adopts Broad Interpretation of “Special Categories” of Personal Data Under GDPR

Earlier this month the Court of Justice of the European Union (“CJEU”) issued a decision adopting a surprisingly broad interpretation of the “special categories of personal data” under GDPR. Under GDPR Article 9, such data...more

Def-Conn 5: Connecticut Becomes the Fifth State to Adopt a General Privacy Law

Connecticut recently became the fifth state with a comprehensive consumer privacy law when Governor Ned Lamont signed An Act Concerning Personal Data Privacy and Online Monitoring, which we will refer to as the Connecticut...more

Four and Counting: Utah on Verge of Becoming the Fourth State to Adopt a Comprehensive Consumer Privacy Law

The Utah Consumer Privacy Act (UCPA) is on the verge of becoming law after recently passing both chambers of the Utah legislature with no dissenting votes. Unless Utah’s governor vetoes the bill, Utah will become the fourth...more

App-etite for Notification: FTC Says “Welcome to the Jungle” to Mobile Health App Developers in Policy Statement on Health Breach...

Last week’s news that the Federal Trade Commission is taking steps to begin rulemaking on consumer privacy and artificial intelligence drew plenty of attention from privacy professionals, and suggests 2022 could be an...more

Worth the Wait? Key Takeaways from California Attorney General CCPA Enforcement Case Summaries

Before the CCPA became enforceable on July 1, 2020, much ink was spilled (or many keys were hit) about the California Office of the Attorney General’s (“OAG”) ability to obtain civil penalties for CCPA violations. After that...more

The Short Arm of GDPR? UK Court Decision Analyzes Application of GDPR to US-based Company

Organizations in the United States often ask us how to comply with GDPR. But starting with that question skips a key inquiry: the extent to which GDPR applies to a US company in the first place....more

The Virginia Consumer Data Protection Act: Top 7 Things to Know Right Now

The Virginia Consumer Data Protection Act (CDPA) became law earlier this week when the state’s governor signed a bill recently adopted by the state’s legislature, making Virginia the second state in the nation with a...more

HIPAA for the Holidays: How OCR's December HIPAA Notice of Proposed Rulemaking Could Impact Covered Entities

In case privacy lawyers did not have enough to keep up with over the holiday season (as we’ve mentioned, there’s already plenty to keep up with in Europe and California), HHS’s Office for Civil Rights recently issued a Notice...more

18 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide