State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
Do you know what cookies your company’s website is using? If not, you likely do not know whether your company’s website is honoring users’ data protection choices involving the use of cookies. You should know and care so your...more
On August 31, the California assembly passed SB1223, which amends the CCPA/CPRA to include “neural data” as a type of sensitive data. SB1223, which is likely to become law, defines “neural data” as “information that is...more
Recent U.S. developments indicate a growing focus on regulating and investigating the data privacy practices of companies in the automotive sector. The Federal Trade Commission (FTC) recently highlighted in a blog post its...more
Keypoint: Maryland’s bill diverges from other Washington Privacy Act variants passed to date with unique data minimization, sensitive data, minor’s data privacy, and unlawful discrimination provisions (among others)....more
Texas, long lauded as one of the most “business-friendly” states, has passed a comprehensive privacy law that will bring new regulations to consumer personal data. The new Texas Data Privacy and Security Act (“TDPSA”), H.B....more
The year 2023 will continue to have cybersecurity and data privacy front of mind for General Counsels. With sweeping new US and global laws and regulations coming online and the California Privacy Protection Agency (CPPA)...more
A data inventory is a detailed account of how a business processes personal data. While this is not an exhaustive list, a data inventory should contain information such as purpose of collecting the data, volume of individual...more
In sports, they sometimes call it a rebuilding year - the team hires new players or a new coach, restructures, updates strategy, and prepares for the next season. In the world of California privacy compliance, 2021 was a...more
Beginning next summer, business that meet certain thresholds must comply with the Connecticut law, including several - now common place - individual privacy rights and a requirement to obtain opt-in consent before processing...more
On May 4, 2022, the Connecticut legislature passed S.B. 6 entitled the “Connecticut Data Privacy Act” (CDPA) with the bill now moving to Governor Ned Lamont’s desk for signature. Although Governor Lamont is generally expected...more
Just as businesses are preparing to ensure compliance with similar laws in California, Colorado, and Virginia, they soon will need to consider a fourth jurisdiction, Utah. On March 24, 2022, Governor Spencer Cox signed a...more
Keypoint: The CPRA requires that businesses use certain types of sensitive personal information only for limited purposes, otherwise they must notify consumers of the additional purposes and provide consumers the opportunity...more
In the last year, we continued to see a shift in the privacy landscape of the United States, including the passage of comprehensive privacy legislation in both Virginia and Colorado, while other states still have bills under...more
Californians voted to enact the California Privacy Rights Act (“CPRA”) almost one year ago. Last week, Governor Gavin Newsom signed three new privacy bills into law....more
Privacy laws have entered the compliance world by storm and are quickly changing data privacy practices. The most recent state, Colorado, passed the Colorado Privacy Act (CPA) into law on July 7, 2021. This new act follows...more
Authors: David Manek, Joe Shepley and Mark Melnychenko The California Privacy Rights Act (CPRA) which goes live January 1, 2023 introduces data retention and deletion requirements very similar to those that we see in the...more
There are many similarities between the Colorado Privacy Act (ColoPA), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Virginia Consumer Data privacy Act (VCDPA), and Europe’s GDPR,...more
Despite its antecedents in one of the most widely cited law review articles of all time from more than 130 years ago, modern United States privacy law is roughly twenty years old. Even though still in its relative infancy,...more
The Virginia Consumer Data Protection Act (CDPA) overwhelmingly passed both legislative chambers this month and is expected to be signed by the Governor in the coming weeks with an effective date of January 1, 2023. Best...more
On June 7, 2021, the Colorado House of Representatives passed the Colorado Privacy Act (CPA), a comprehensive privacy law similar to the California Privacy Rights Act (CPRA) and California Consumer Privacy Act (CCPA), as well...more
Virginia recently joined California in enacting a comprehensive data protection law intended to protect the privacy of its residents. The Virginia Consumer Data Protection Act (the “VCDPA”) is scheduled to take effect on...more
On March 2, 2021, Virginia enacted the Consumer Data Protection Act (“VCDPA”). The VCDPA will become effective January 1, 2023. The VCDPA shares its roots with the California Consumer Protection Act (“CCPA”) and the recently...more
In a notable event on Election Day this November, California voters approved amendments to the California Consumer Privacy Act (CCPA) and enacted a new statute – the California Privacy Rights Act (CPRA). The new statute...more
While the world anxiously awaited the results of the November 2020 U.S. federal elections, California silently passed California Proposition 24, the California Privacy Rights Act (CPRA). Labeled on the ballot simply as...more
The California Privacy Rights Act (CPRA) expands the definition of personal information as it currently exists in the California Consumer Privacy Act (CCPA). The CPRA adds “sensitive personal information” as a defined term,...more