State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
Do you know what cookies your company’s website is using? If not, you likely do not know whether your company’s website is honoring users’ data protection choices involving the use of cookies. You should know and care so your...more
On August 31, the California assembly passed SB1223, which amends the CCPA/CPRA to include “neural data” as a type of sensitive data. SB1223, which is likely to become law, defines “neural data” as “information that is...more
Recent U.S. developments indicate a growing focus on regulating and investigating the data privacy practices of companies in the automotive sector. The Federal Trade Commission (FTC) recently highlighted in a blog post its...more
California has a long history of protecting privacy rights. Article I, Section 1, of the California Constitution expressly provides a right of privacy. Recently, the focus has been on compliance with the California Consumer...more
The state of California is on the verge of amending its current data broker law with Senate Bill 362, also known as the Delete Act (“the Act”). The Act passed in the Assembly’s Committee on Privacy and Consumer Protection and...more
Texas, long lauded as one of the most “business-friendly” states, has passed a comprehensive privacy law that will bring new regulations to consumer personal data. The new Texas Data Privacy and Security Act (“TDPSA”), H.B....more
March wrapped up with several significant state privacy developments. First, on March 28, Iowa Governor Kim Reynolds signed Senate File 262 (SF 262) into law, making Iowa the sixth state to adopt comprehensive data privacy...more
The year 2023 will continue to have cybersecurity and data privacy front of mind for General Counsels. With sweeping new US and global laws and regulations coming online and the California Privacy Protection Agency (CPPA)...more
The Colorado Department of Law filed a set of proposed rules to implement the Colorado Privacy Act (Draft CO Rules) on Sept. 29, 2022, foreshadowing additional compliance obligations that businesses will have to strive to...more
The American Data Privacy and Protection Act (the “ADPPA”), a bill that would establish a comprehensive federal data privacy framework in the U.S., was formally introduced in the U.S. House of Representatives on June 21,...more
Last week, Representatives Frank Pallone (D-NJ) and Cathy McMorris Rodgers (R-WA) and Senator Roger Wicker (R-MS) released a draft federal privacy proposal titled the American Data Privacy and Protection Act (ADPPA). ADPPA is...more
Beginning next summer, business that meet certain thresholds must comply with the Connecticut law, including several - now common place - individual privacy rights and a requirement to obtain opt-in consent before processing...more
Keypoint: The CPRA is relatively prescriptive in how organizations must receive and respond to consumer requests, while the CPA and VCDPA introduce an appeal process and other nuances that will require adjusting existing CCPA...more
Just as businesses are preparing to ensure compliance with similar laws in California, Colorado, and Virginia, they soon will need to consider a fourth jurisdiction, Utah. On March 24, 2022, Governor Spencer Cox signed a...more
The Massachusetts Information Privacy and Security Act (MIPSA) continues to advance through the state legislative process, and is now before the full legislature. While the Act has several hurdles to clear before becoming...more
The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a...more
In the last year, we continued to see a shift in the privacy landscape of the United States, including the passage of comprehensive privacy legislation in both Virginia and Colorado, while other states still have bills under...more
There are many similarities between the Colorado Privacy Act (ColoPA), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Virginia Consumer Data privacy Act (VCDPA), and Europe’s GDPR,...more
Virginia recently joined California in enacting a comprehensive data protection law intended to protect the privacy of its residents. The Virginia Consumer Data Protection Act (the “VCDPA”) is scheduled to take effect on...more
Since the passage of the CCPA in 2018, there has been a flurry of proposed state laws aimed at regulating the areas of cybersecurity and data privacy in the absence of federal comprehensive legislation. Additionally, there...more
On March 2, 2021, Virginia enacted the Consumer Data Protection Act (“VCDPA”). The VCDPA will become effective January 1, 2023. The VCDPA shares its roots with the California Consumer Protection Act (“CCPA”) and the recently...more
The California Privacy Rights Act of 2020 (CPRA) becomes operative on January 1, 2023. Among its numerous amendments and additions to the existing California Consumer Privacy Act (CCPA), the CPRA expands the definition of...more
Well, California is at it again. Less than one year after the California Consumer Privacy Act (“CCPA”) took effect, the people of California voted to approve Proposition 24 (aka the California Privacy Rights Act, the “CPRA”)...more
On November 3, 2020, Californians voted to approve Proposition 24, a ballot measure that creates the California Privacy Rights Act (CPRA). The CPRA amends and expands the California Consumer Privacy Act (CCPA)—California’s...more
In a notable event on Election Day this November, California voters approved amendments to the California Consumer Privacy Act (CCPA) and enacted a new statute – the California Privacy Rights Act (CPRA). The new statute...more