I was hanging out with my friend this weekend, both catching up on emails from a coffee shop. After a while, he turned to me. “Well sh*t. Looks like my social security number might be on the dark web.”...more
What is a Privacy Policy? A company’s privacy policy details its commitments regarding the handling and use of consumer data. The policy must explicitly define the company’s practices for collecting, storing, processing, and...more
Since the passing of the California Consumer Privacy Act (CCPA) in 2018, California has led the nation in privacy regulation and enforcement. But, beginning July 1, 2024, Texas will be the new sheriff in town....more
We’ve previously written on the need for law firms to scrutinize the data security protections in place at all third-party vendors who have access to client confidential information. Clearly, that’s still good advice....more
On April 17, Nebraska Governor Jim Pillen signed into law the Nebraska Data Privacy Act (the Act), making Nebraska the seventeenth state to enact general consumer data privacy legislation. The Act largely, but not completely,...more
Maybe. Hashing refers to the process of using an algorithm to transform data of any size into a unique fixed sized output (e.g., combination of numbers). ...more
As you fired-up your computer after last week’s New Year holiday, your inbox was likely filled with emails about updated privacy policies. You may remember receiving a similar wave of emails in May 2018....more
As security risks continue to be at the forefront of legislators’ agendas across the country, New York has joined the growing roster of states pressing businesses to develop more robust breach procedures. Originally proposed...more
Just prior to the sweltering hot weekend, Governor Cuomo signed into law the Stop Hacks and Improve Electronic Data Security Act, or SHIELD Act. Taking effect on March 22, 2020, the law imposes new obligations on entities to...more
Connected devices, or what is referred to as the “consumer internet of things” is big business right now. Consumers want to “talk” to their devices throughout their home wherever they are, and some organizations’ business...more
Earlier this year, California legislators proposed A.B. 981 (“the proposal”), which, among other things, would have exempted insurance institutions, agents and support organizations (“insurers”) from many provisions of the...more
In response to numerous comments regarding the California Consumer Privacy Act (CCPA), on February 21, 2019, Assembly Member Tom Daly (D-CA 69th) proposed AB 981, designed to clarify the privacy protection laws applicable to...more
The FTC and many state attorneys general aggressively monitor apps, websites, and internet-connected products for COPPA compliance. In the United States, collecting data directly from children under 13 years of age is...more
The CNIL decision handed down on 21 January 2019, which cites violations of several GDPR obligations, provides important insights for groups wishing to benefit from the “one-stop-shop mechanism”. The Complaints - Not...more
The European Union's General Data Protection Regulation (GDPR) is the most comprehensive data privacy regulation in the world. It also confers upon supervisory authorities – i.e., regulators within the European Union Member...more
The state of California recently passed privacy legislation that imposes stringent requirements on organizations that collect personal information from California residents. The California Consumer Privacy Act of 2018 (CCPA)...more
In a surprising twist, the California legislature rushed last week to pass one of the most comprehensive privacy laws in the country. The bill was introduced only a week prior, and within hours of passage, it was signed into...more
On June 28, 2018, California passed a sweeping new privacy bill, AB 375, now known as the California Consumer Privacy Act of 2018 (CCPA). The California legislature passed the bill in the morning and the governor signed...more
“GDPR – please not again …” In recent times there is hardly any other legal topic more often written and talked about than the new EU General Data Protection Regulation (“GDPR”). In light of the severe penalties and with...more
Privacy Matters examines the General Data Protection Regulations (GDPR) and practical tips on achieving compliance in advance of its implementation on May 25, 2018. This issue provides 10 steps that businesses and legal...more
While many cyber threats have special names, e.g., ransomware, malware, cryptolocker, advanced persistent threats or GRIZZLY STEPPE (a malicious cyber attack that occurred late in 2016), your retirement plan’s data may be...more
After a long delay, with a vote of 74 to 21, the United States Senate passed the Cybersecurity Information Sharing Act (CISA) on October 27, 2015. The bill has been touted as being controversial and is opposed by...more