Since the passage of the California Consumer Privacy Act (CCPA) in 2018, other U.S. states have followed suit by enacting comprehensive consumer data privacy laws in rapid succession. While these state consumer privacy laws...more
Danielle Ocampo, a member of the CLA’s Law Section, interviewed Steve Millendorf (Partner, San Diego) to gain a deeper understanding of how California is approaching and implementing the EU AI Act.
How do the principles...more
On January 29 the California legislature introduced the California Children’s Data Privacy Act (AB 1949) in what appears to be the first bill proposed to amend the California Consumer Privacy Act (CCPA) since passage of...more
On October 30, 2023, President Biden signed the 53-page Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence that significantly advances the United States' policy framework...more
11/17/2023
/ Algorithms ,
Artificial Intelligence ,
Biden Administration ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Equity ,
Executive Orders ,
Innovative Technology ,
Machine Learning ,
National Security ,
OMB ,
Popular ,
Regulatory Agenda ,
Regulatory Oversight
On September 15, 2022 California Governor Gavin Newsom signed the California Age-Appropriate Design Code Act (CAADCA) into law. The CAADCA takes effect July 1, 2024, and brings vast changes to the online compliance landscape...more
On June 18, 2023, Texas Governor Greg Abbott signed H.B. 4, otherwise known as the Texas Data Privacy and Security Act (TDPSA). Following substantive legislative action in Tennessee, Montana, and Indiana, Texas now becomes...more
7/19/2023
/ Consumer Privacy Rights ,
Data Privacy ,
Data Protection Acts ,
Data Security ,
Governor Abbott ,
New Legislation ,
New Regulations ,
Regulatory Agenda ,
Regulatory Reform ,
State and Local Government ,
State Data Privacy Laws ,
State Privacy Laws ,
Texas
As we previously discussed, earlier this year the National Institute of Standards and Technology (NIST) launched the Trustworthy and Responsible AI Resource Center. Included in the AI Resource Center is NIST’s AI Risk...more
7/6/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Hardware ,
Information Governance ,
Machine Learning ,
NIST ,
Raw Data Metrics ,
Reliability Standards ,
Risk Management ,
Safety Standards ,
Software ,
Third-Party ,
Transparency ,
Validation and Re-Validation Requirements
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
On May 4, 2022, the Connecticut legislature passed S.B. 6 entitled the “Connecticut Data Privacy Act” (CDPA) with the bill now moving to Governor Ned Lamont’s desk for signature. Although Governor Lamont is generally expected...more
5/6/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Connecticut ,
Data Privacy ,
Data Security ,
DPPA ,
Enforcement ,
Fair Credit Reporting Act (FCRA) ,
FERPA ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Opt-Outs ,
Personal Data ,
Right-To-Access ,
Securities Exchange Act of 1934 ,
Sensitive Personal Information ,
State Data Privacy Laws
On July 7, 2021, Colorado Governor Jared Polis signed the Colorado Privacy Act (“CPA”) into law, making Colorado the third state to enact comprehensive privacy legislation, following in the footsteps of California and...more
7/23/2021
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Colorado ,
COPPA ,
Data Privacy ,
DPPA ,
Enforcement ,
Families First Coronavirus Response Act (FFCRA) ,
FERPA ,
General Data Protection Regulation (GDPR) ,
Governor Polis ,
Gramm-Leach-Blilely Act ,
HIPAA Access Request ,
New Legislation ,
Penalties ,
Privacy Laws ,
State Data Privacy Laws ,
Virginia
While the world anxiously awaited the results of the November 2020 U.S. federal elections, California silently passed California Proposition 24, the California Privacy Rights Act (CPRA). Labeled on the ballot simply as...more
11/13/2020
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Data Mapping ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Policies and Procedures ,
Safe Harbors ,
Sensitive Personal Information
The California Attorney General Xavier Bacerra submitted the final proposed regulations (the “Regulations”) under the California Consumer Privacy Act of 2018 (“CCPA”) to the California Office of Administrative Law (“OAL”) on...more
On March 19, 2020, the European Data Protection Board (EDPB) adopted a statement on the processing of personal data in the context of the COVID-19 outbreak. The EDPB made it clear that while the EU’s General Data Protection...more
As industry continues to adapt to the evolving realities of shelter-in-place orders, companies face challenges in supporting an unprecedented remote workforce while balancing compliance with a variety of regulatory agencies....more
4/9/2020
/ Business Interruption ,
California Consumer Privacy Act (CCPA) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Regulatory Standards ,
Remote Working ,
Small Business ,
State of Emergency
Connected devices, or what is referred to as the “consumer internet of things” is big business right now. Consumers want to “talk” to their devices throughout their home wherever they are, and some organizations’ business...more
6/7/2019
/ B2B Transactions ,
B2C ,
California Consumer Privacy Act (CCPA) ,
Connected Items ,
COPPA ,
Data Collection ,
Data Privacy ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
Manufacturers ,
Mobile Devices ,
Personal Data ,
Risk Management ,
Security and Privacy Controls ,
Smart Devices ,
Vendors
...On April 4, 2019, California Assembly Member Wicks proposed sweeping changes to bill AB 1760, effectively repealing the California Consumer Privacy Act of 2018 (CCPA) and replacing it with the Privacy for All Act of 2019...more
4/11/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Privacy ,
Disclosure Requirements ,
Opt-In ,
Personal Data ,
Private Right of Action ,
Proposed Amendments ,
Regulatory Oversight ,
Right to Be Forgotten ,
Third-Party Service Provider
On October 6, 2015, California Governor Jerry Brown signed into law several changes to California’s Data Breach Notification Statute. The law, as amended, adds additional categories of information into the definition of...more
10/12/2015
/ Breach Notification Rule ,
Consent ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Encryption ,
Governor Brown ,
New Legislation ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Third-Party ,
Websites
On October 6, 2015, the European Court of Justice — Europe’s highest court — invalidated the Safe Harbor agreement and framework that has permitted more than 4,000 companies to transfer personal data from the EU to the U.S....more
10/7/2015
/ Binding Corporate Rules ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
International Data Transfers ,
National Security Agency (NSA) ,
Personal Data ,
Prior Express Consent ,
PRISM Program ,
SCC ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
Not coincidentally, on July 21, 2015, Wired Magazine published an article with groundbreaking evidence of hacking a car wirelessly, and Senators Edward Markey (D-Mass.) and Richard Blumenthal (D-Conn.) introduced legislation...more
7/24/2015
/ Automotive Industry ,
Cloud Computing ,
Cyber Attacks ,
Cybersecurity ,
Dashboard ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Federal Trade Commission (FTC) ,
Hackers ,
Internet of Things ,
NHTSA ,
Personally Identifiable Information ,
Proposed Legislation ,
Safety Standards ,
Transparency ,
Wireless Technology