On April 17, 2024, Nebraska’s governor signed Legislative Bill 1074, which establishes a consumer data privacy law for the state. Nebraska’s law takes effect January 1, 2025. To Whom does the law apply? The law applies to...more
The Georgia Senate voted to pass the Georgia Consumer Privacy Protection Act (SB 473) on Feb. 27th. Although the bill is similar to many other comprehensive state privacy laws, there are some notable distinctions....more
The early weeks of 2024 have seen continued activity on the state comprehensive privacy law front. Since our last update, at least 11 new comprehensive privacy bills have been proposed. In particular, Georgia, Hawaii,...more
Washington State and Nevada have now passed health data privacy laws that impose obligations relating to the collection, processing, and sharing of “consumer health data.” Both laws (collectively, State Health Data Privacy...more
Iowa became the sixth U.S. state to pass a comprehensive privacy law after the governor signed Senate File 262 (“the Act”) on March 28. The Act significantly echoes its non-California predecessors, particularly the Utah...more
When an entity shares data outside of its organization, the following questions often arise: Does the FCRA or GLBA (or both) apply to the specific type of data sharing? And how do these laws impact my company’s financial...more
The past two weeks have seen continued developments in the state comprehensive privacy legislative landscape. Maryland, Minnesota, and Texas have entered the fray with new proposals, bringing the total number of states that...more
On Wednesday February 1, 2023, the NAIC Privacy Protections Working Group (the Working Group) released a draft of a new model law for comment, the Insurance Consumer Privacy Protection Model Law (#674) (the Proposal), which...more
Recently, the CFPB released an outline of proposed measures related to the Bureau’s Dodd-Frank Section 1033 rulemaking efforts that would allow consumers to take control of their personal financial data and determine which...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
The Massachusetts Information Privacy and Security Act (MIPSA) continues to advance through the state legislative process, and is now before the full legislature. While the Act has several hurdles to clear before becoming...more
Facial recognition technology, drones the size of a butterfly, secure microchips replacing magnetic stripes on credit cards, sensors the size of a grain of sand swallowed by patients that transmit data directly to the...more
First we take Sacramento, then we take Berlin: How do US data protection laws affect how you do business. The webinar is aimed at in-house or outside counsel, as well as data protection and compliance officers. In this...more
Comments to the final California Consumer Privacy Act regulations asked if the CCPA carve-out regarding the Gramm Leach Bliley Act (GLBA), the data protection law governing US financial institutions, applies to: ...more
As state legislatures begin their 2020 sessions, proposals for stronger privacy laws are at the top of the agenda across the country. Carrying forward the story we told in reports in February, April, and July of last year,...more
The Florida Senate and House of Representatives are considering two bills (SB 1670 and HB 963) that, if adopted, will amend Florida law to create the state’s first comprehensive privacy law (though they do not go nearly as...more
Nevada has followed in the footsteps of California and its enactment of the game-changing California Consumer Privacy Act of 2018 (“CCPA”) with a significant enhancement to the state’s own consumer privacy law. Known as...more
The California Consumer Privacy Act of 2018 ("CCPA") was signed into law on June 28, 2018 and will take effect on January 1, 2020. The enforcement date - the first date on which the Attorney General may bring an enforcement...more
While businesses have been focused on meeting the looming January 1, 2020 deadline of the California Consumer Privacy Act ("CCPA"), Nevada just ratchetted up the heat by imposing an earlier October 2, 2019 deadline for...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
Looking Back - the California Consumer Privacy Act, and How We Got Here - As companies were getting up-to-speed on the effects of the European Union’s General Data Protection Regulation (GDPR) last year, California quickly...more
As we explained in our last alert, California’s new comprehensive data privacy law is to take effect on January 1, 2020. For companies subject to this law, compliance will require a substantial investment of time, effort,...more
Although numerous attempts have been made to pass a comprehensive U.S. privacy law over the years, this one might actually succeed. Efforts have begun on multiple fronts. From Senate Commerce Committee hearings to several...more
With enactment of the Personal Information Protection Act (PIPA), Bermuda can now count itself among the ever-expanding list of jurisdictions with enhanced privacy protections. PIPA, passed on July 27, 2016, and entered into...more
On Tuesday, June 27, the Illinois legislature passed HB 3449, the “Geolocation Privacy Protection Act.” If signed by Governor Bruce Rauner (R), the bill would prohibit a “private entity” from collecting, using, storing or...more