We are moving westward this week from Iowa to Nebraska in our series of articles providing in-depth summaries of state consumer privacy laws taking effect across the nation. Nebraska Governor Jim Pillen (R) signed the...more
On April 17, Nebraska Governor Jim Pillen signed into law the Nebraska Data Privacy Act (the Act), making Nebraska the seventeenth state to enact general consumer data privacy legislation. The Act largely, but not completely,...more
The effects of the COVID-19 outbreak are being felt globally as countries and communities around the world ramp up efforts to contain and limit the spread of the virus. Information gathering and sharing are crucial steps in...more
On March 21, 2020, companies will need to comply with yet another data privacy and security law when the New York Stop Hacks and Improve Electronic Data Security Act ("NY SHIELD Act") takes effect. The SHIELD Act is unique in...more
On January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) went into effect. The CCPA applies to a wide range of companies and broadly governs the collection, use and sale of personal information of California...more
As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more
Effective October 23, 2019 for changes in data breach notification requirements, and March 21, 2020 for new data security requirements, New York’s “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act) broadens...more
On August 6, 2019, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) released ISO/IEC 27701 (ISO 27701), a privacy extension to ISO/IEC 27001 and ISO/IEC 27002...more
In response to numerous comments regarding the California Consumer Privacy Act (CCPA), on February 21, 2019, Assembly Member Tom Daly (D-CA 69th) proposed AB 981, designed to clarify the privacy protection laws applicable to...more
The state of California recently passed privacy legislation that imposes stringent requirements on organizations that collect personal information from California residents. The California Consumer Privacy Act of 2018 (CCPA)...more
In a surprising twist, the California legislature rushed last week to pass one of the most comprehensive privacy laws in the country. The bill was introduced only a week prior, and within hours of passage, it was signed into...more
On February 27, 2018, the Federal Trade Commission (FTC) announced that it had reached an agreement with PayPal to settle allegations that its peer-to-peer payment service, Venmo, engaged in deceptive acts and practices and...more
The FTC has recently provided specific guidance on what it considers appropriate data breach protection activity by financial institutions. Such guidance came by virtue of a proposed consent order, dated August 29, 2017,...more
‘Tis the season for listening. Joining a previous Presidential Commission invitation, the Federal Trade Commission (the FTC) is now seeking comments on the GLB Safeguards Rule. The GLB Safeguards Rule, which took effect in...more
Lawyers and compliance professionals constantly tout the importance of internal information security policies, particularly in light of data privacy problems that are reported almost daily in the media. Admittedly, drafting...more
By some estimates, cybercrime costs the global economy $445 billion annually. If cybercrime were a single country, this dollar amount would place it within the world’s top 30 countries in terms of gross domestic product, and...more