The Federal Trade Commission (FTC) has been actively flexing its authority as a privacy regulator in recent months. The agency has been especially focused on identifying data practices it views to be “unfair”, thereby...more
Womble Bond Dickinson’s content series—Innovation Interchange: The Power of Cross-Industry Insight—explores emerging challenges from the viewpoint of trendsetting industries. ...more
As the Paris 2024 Summer Olympic and Paralympic Games (the “Games”) turn onto the final straight, the Games have yet again captured widespread global attention, on and off the track. With over 15.3 million visitors in Paris...more
I was hanging out with my friend this weekend, both catching up on emails from a coffee shop. After a while, he turned to me. “Well sh*t. Looks like my social security number might be on the dark web.”...more
The Consumer Financial Protection Bureau's (CFPB) eyes are on the gaming industry and the potential harm consumers may suffer from data security and privacy concerns....more
Since the passing of the California Consumer Privacy Act (CCPA) in 2018, California has led the nation in privacy regulation and enforcement. But, beginning July 1, 2024, Texas will be the new sheriff in town....more
On April 17, Nebraska Governor Jim Pillen signed into law the Nebraska Data Privacy Act (the Act), making Nebraska the seventeenth state to enact general consumer data privacy legislation. The Act largely, but not completely,...more
Businesses take heed: California state officials just warned that the law prohibits you from collecting unnecessary data and retaining data for longer than necessary. The California Privacy Protection Agency published its...more
On February 28, 2024, President Biden issued Executive Order 14117 (the EO) on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” that would...more
This post is part of a series of articles we are doing on 2023 data protection litigation trends. While the California Consumer Privacy Act (CCPA) is most known for its onerous privacy compliance obligations, the law also...more
In this episode of On Record PR, Gina Rubel goes on record with Aihong Yu, Chief Privacy Counsel of CDK Global, to discuss how embracing privacy and security measures…...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
NIST has now finalized its guidance providing important information on selecting both security and privacy control baselines for the Federal Government. The guidance is available here: Special Publication 800-53B, Control...more
As the Covid-19 Pandemic forces more employees than ever before to work from home (“WFH”), businesses face new and different data privacy and security risks. This change is not lost on U.S. regulators, but it does not mean...more
By March 21, 2020, nearly every business - not only those that conduct business in New York State - that owns or licenses computerized data that includes the private information of any New York State resident, will be...more
We are living in the age of data and big data, where everyone wants to collect as much information as possible. The ability to analyze and monetize such information is a key strategy and selling point for many businesses. ...more
As one of the oldest and most recognized data privacy and security practices, we have had the honor of helping dozens of companies set up and evolve their data privacy programs over the past decade. That experience has given...more
On March 21, 2020, companies will need to comply with yet another data privacy and security law when the New York Stop Hacks and Improve Electronic Data Security Act ("NY SHIELD Act") takes effect. The SHIELD Act is unique in...more
To help identify trends in privacy representations, BCLP surveyed the websites and privacy notices of the hotel and lodging industry. The survey included hotel operators that are part of the Fortune 500, or that are the top...more
The United States has always had privacy law. For most of our history it mainly regulated the government in connection with its citizens. About 20 years ago we started modern privacy - presumably why we have Data Privacy...more
The potential statutory damages under the CCPA dwarf almost every previous large data breach settlement in the United States. To mitigate the risk of this increased exposure, companies need to take key steps to ensure they...more
As you fired-up your computer after last week’s New Year holiday, your inbox was likely filled with emails about updated privacy policies. You may remember receiving a similar wave of emails in May 2018....more
In recent years, many states have been updating their data privacy laws to account for new technologies and security risks. On Oct. 23, 2019, a New York law on data breach notification requirements became effective. The Stop...more
Addressing cybersecurity risks invariably involves very technical matters. As a result, in many companies the IT department has been responsible for developing and implementing cybersecurity plans and procedures....more
New cybersecurity and data privacy laws will impose substantial new obligations on businesses that collect information about residents of those states. Regardless of their location or size, nonprofit organizations that...more