State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
Every week, the Array team reviews the latest news and analysis about the evolving field of eDiscovery to bring you the topics and trends you need to know. This week’s post covers the period of August 19-25. Here’s what’s...more
Millions of individuals could be at the mercy of cybercriminals after a hacking group launched a large-scale data breach impacting 2.9 billion records, including Social Security numbers and other sensitive information. The...more
The New York, Connecticut, and New Jersey AGs entered into settlements with biotechnology company Enzo Biochem, Inc. and its subsidiary Enzo Clinical Labs, Inc. (collectively, “Enzo”), to resolve allegations stemming from a...more
Data security is a major concern across virtually all areas of the legal profession particularly in 2024 thanks in part to a record-breaking number of cyber incidents last year that cost companies an average of $4.45 million...more
Rhode Island is the latest state to enact consumer privacy legislation. The Rhode Island Transparency and Privacy Protection Act (the "Act"), which passed into law on June 28, 2024, establishes a framework for controlling and...more
Major hospitals in London are grappling with severe disruptions following a cyberattack on Synnovis, a key pathology services provider. The attack has resulted in canceled surgeries and emergency patients being diverted to...more
Recent U.S. developments indicate a growing focus on regulating and investigating the data privacy practices of companies in the automotive sector. The Federal Trade Commission (FTC) recently highlighted in a blog post its...more
On April 4, 2024, Kentucky became the fifteenth state to enact a comprehensive data privacy law, with Governor Andy Beshear signing the Kentucky Consumer Data Protection Act (KCDPA) into law. The Kentucky law will go into...more
The UK’s data privacy regulator, the Information Commissioner’s Office (ICO), is investigating Microsoft over potential privacy concerns with its recently announced AI-powered “Recall” feature for Windows PCs. Microsoft...more
Melissa Duffy and Trevor Coval contributed their thought leadership to the American Conference Institute’s 14th Annual Global Encryption, Cloud & Cyber Export Controls Conference, held in San Francisco on May 14-16. Melissa...more
The final weeks for many state legislatures have witnessed significant movements in the U.S. data privacy landscape. Last month, Nebraska Governor Jim Pillen signed the Data Privacy Act, LB1074, into law....more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
On April 25, 2024, the attorneys general of 22 states issued a letter encouraging UnitedHealth Group and its subsidiary, Change Healthcare, to take additional steps to respond to a massively disruptive cyberattack. The broad,...more
In addition to its well-publicized move to prohibit more than 150 million Americans from posting embarrassing dance videos of themselves on TikTok (at least while it is Chinese-owned), the U.S. federal government recently...more
The United States is among the minority of large economies in the world without a comprehensive national privacy law. In the absence of such a law, numerous states are filling the void with a complex assortment of often...more
On March 20, 2024 the U.S. House of Representatives unanimously approved a privacy-related bill, H.R. 7520 (the “Data Broker Bill).” This comes on the heels of another privacy-related bill approved by the House on March 13,...more
Multi-employer plan participants involved in an Employee Retirement Income Security Act of 1974 (ERISA) class action lawsuit against Horizon Actuarial Services LLC (Horizon), a national retirement services firm, have entered...more
On February 28, 2024, President Biden signed Executive Order (EO) 14117 titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” On March 5,...more
European Parliament Approves EU AI Act - On March 13, 2024, the European Parliament approved the EU Artificial Intelligence Act (“AI Act”). A first of its kind legal framework for AI, the AI Act has extraterritorial effect,...more
The Internet of Things (“IoT”) has ushered in a new era of connectivity and convenience, but with it comes a host of legal issues and emerging theories of liability. As IoT devices become increasingly ubiquitous in our daily...more
On March 5, 2024, the Department of Justice (DOJ) issued an Advance Notice of Proposed Rulemaking (ANPRM) regarding Access to Americans’ Bulk Sensitive Personal Data and Government-Related Data by Countries of Concern. The...more
On February 28, 2024, President Biden issued Executive Order 14117 (the EO) on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” that would...more
On January 16, Gov. Phil Murphy (D) of New Jersey signed Senate Bill No. 332 into law. The New Jersey privacy law generally follows the same framework found in many of the comprehensive privacy laws enacted by other states...more
The Corporate Transparency Act (CTA), which became effective on January 1, requires that U.S. and foreign companies authorized to do business in the U.S. (each, a Reporting Company) report specific personal information...more
Consumer privacy protection must have been tops on the New Jersey legislature’s list of New Year’s resolutions. The year was just two weeks old and New Jersey became the first State in 2024 to enact a comprehensive privacy...more