Professional sports teams' greatest rivals in the coming seasons could be their own fans. With the increase of facial recognition technologies implemented within sports venues, compliance with state biometric privacy laws...more
Since the implementation of the EU’s General Data Protection Regulation (GDPR), the European Commission’s (EC) approved Standard Contractual Clauses (SCC) have been vital to the transfer of personal data to third countries...more
At select ballparks across the country, fans can speed through security screen procedures using thumbprint scans. Sports venues from Madison Square Garden to CenturyLink Field now use biometrics to enhance game day...more
If the past two years of ramping up compliance for the California Consumer Privacy Act (CCPA) wasn't fun enough, businesses have new compliance challenges ahead in the next couple of years. This past November, California...more
1/22/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Personal Data ,
Popular
As anticipated by many experts in the field, the data security-focused private right of action under the California Consumer Privacy Act (CCPA) has resulted in claims alleging potential unauthorized access. FinTech data...more
9/23/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
FinTech ,
Health Technology ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Private Right of Action
In a decision issued on July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the EU-U.S. Privacy Shield Framework, one of the primary tools used by companies in the European Union (EU) to transfer...more
7/20/2020
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Ireland ,
Personal Data ,
Personally Identifiable Information ,
Schrems I & Schrems II ,
Standard Contractual Clauses
In mid-March, California Attorney General Xavier Becerra released the third set of California Consumer Privacy Act (CCPA) draft regulations. Around the same time, a number of business and trade organizations pleaded with the...more
4/6/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Management ,
Data Privacy ,
Data Protection ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
Businesses subject to the California Consumer Privacy Act (CCPA) have found themselves in an odd position with respect to their compliance efforts. The CCPA was effective on January 1, 2020 but enforcement will not begin...more
2/13/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Risk Management ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
On January 16, 2020, the National Institute of Standards and Technology (NIST) issued its NIST Privacy Framework Version 1.0 (Privacy Framework). The Privacy Framework follows the same type of structure as the NIST Framework...more
1/24/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Privacy ,
Data Protection ,
Data Security ,
Framework Agreement ,
General Data Protection Regulation (GDPR) ,
NIST ,
Personal Data ,
Popular ,
Privacy Act of 1974 ,
Risk Management
A recent ruling in the Illinois Appellate Court maintained that biometric data claims under the Illinois Biometric Information Privacy Act (BIPA) do not amount to wage-and-hour claims subject to a luxury hotel owner's...more
4/24/2019
/ Appeals ,
Arbitration ,
Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Employer Liability Issues ,
Employment Litigation ,
Fingerprints ,
Mandatory Arbitration Clauses ,
Personal Data ,
Personally Identifiable Information ,
Wage and Hour
Banks and other financial institutions rely on a relatively small number of core service providers to process customer personal and financial information. The National Association of Federally-Insured Credit Unions (NAFCU)...more
8/31/2018
/ Banking Sector ,
Data Breach ,
Data Protection ,
Digital Service Providers ,
Financial Institutions ,
Financial Services Industry ,
Gramm-Leach-Blilely Act ,
Interagency Guidance ,
Internet ,
Notification Requirements ,
Personal Data ,
State Data Breach Notification Statutes ,
Third-Party Service Provider ,
Vulnerability Assessments ,
Websites
On June 28, 2018, California enacted the California Consumer Privacy Act of 2018 (CCPA), which provides what is arguably the most restrictive privacy law in the U.S. and would likely have some effect on most businesses across...more
7/3/2018
/ Biometric Information ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
State and Local Government
Companies that routinely collect or process data of European Union residents have likely spent the past couple of years preparing for May 25, 2018. ...more
The European Court of Justice has declared invalid the Safe Harbor data-transfer agreement that has governed EU data flows across the Atlantic for the last 15 years. Thousands of U.S. companies have relied on the Safe Harbor...more
10/23/2015
/ Article 29 Working Party (WP29) ,
Binding Corporate Rules ,
Cybersecurity ,
Data Protection Authority ,
Edward Snowden ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
European Economic Area (EEA) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
Model Contracts ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework