DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
The Federal Trade Commission (FTC) has been actively flexing its authority as a privacy regulator in recent months. The agency has been especially focused on identifying data practices it views to be “unfair”, thereby...more
Over the weekend, lawmakers unveiled the latest push for a federal privacy law – the American Privacy Rights Act (APRA). The bill was circulated as a discussion draft by Sen. Maria Cantwell (D-WA), Chair of the Senate...more
On February 21, 2024, California Attorney General Rob Bonta ("Cal AG") announced that his office reached a settlement with DoorDash, the food delivery service company, for violating the California Consumer Privacy Act...more
New Jersey rang in the new year with the signing of a state privacy bill. On Jan. 16, Gov. Phil Murphy signed SB No. 322, stating he was proud that New Jersey had joined the ranks of states with consumer privacy bills....more
Since late June 2023, the California Privacy Protection Agency (CPPA) has been prohibited by court order from enforcing the regulations it finalized on March 29 of last year. According to that ruling, because the text of the...more
With the first month of 2024 now behind us, it is time for organizations to start seriously considering key comprehensive state data privacy compliance obligations for 2024. In total, seven states passed data privacy laws...more
Global Privacy Controls, vendor management, sensitive personal information, and the use of Ad Tech; new U.S. state data protection laws introduce twists to traditional notions of American data protection law. In the U.S.,...more
On Wednesday, March 15, the Colorado Attorney General’s Office announced the finalization of the Colorado Privacy Act Rules (“Rules”). The Rules implement the Colorado Privacy Act (CPA), a comprehensive privacy law enacted in...more
With only four months left before most changes to the federal Standards for Safeguarding Customer Information (“Safeguards Rule”) – a component of the Gramm-Leach Bliley Act (“GLBA”) that provides for the protection of...more
On August 24, 2022, California Attorney General (“CA AG”) Rob Bonta announced a settlement with Sephora USA, Inc. that includes a $1.2 million fine—the first monetary penalty imposed under the CCPA. The settlement also...more
On July 8, 2022, the California Privacy Protection Agency (“CPPA”) published draft regulations in the California Regulatory Notice Register (“Draft Regulations”) mandated by the California Privacy Rights Act (“CPRA”). The...more
On June 23, 2022, Representatives Pallone, Rodgers, Schakowsky, and Bilirakis introduced the American Data Privacy and Protection Act, HR 8152. This Act represents an effort to create a comprehensive federal privacy law. ...more
“Businesses, service providers, and contractors are to comply with not just the letter of the (California Consumer Privacy Act), but the spirit of the law.” That is according to a new Initial Statement of Reasons issued...more
The latest update surrounding Hunstein v. Preferred Collection and Management Services, Inc., Case No. 19-14434 centers not on the Eleventh Circuit or the Hunstein decision itself but on the district courts nationwide that...more
Companies collecting consumer DNA for non-medical purposes seem to be playing fast and loose with their customers’ data, according to a well-regarded consumer watchdog. This category of private money makers, which could...more
Since 2018, a consistent stream of newly adopted privacy laws and other regulatory developments (such as GDPR, CCPA, Schrems II, and the new EU Standard Contractual Clauses) has required companies to make regular updates to...more
On June 14, 2021, the Eleventh Circuit Court of Appeals issued a one-line order stating that the Court was withholding issuance of the mandate in Hunstein v. Preferred Collection and Management Services, Inc....more
Does the federal Fair Debt Collection Practices Act (the FDCPA) apply to communications between a debt collector and its vendors? And, is the FDCPA a consumer privacy statute? In an apparent issue of first impression, the...more
First we take Sacramento, then we take Berlin: How do US data protection laws affect how you do business. The webinar is aimed at in-house or outside counsel, as well as data protection and compliance officers. In this...more
California voters signaled that privacy is a top priority by overwhelmingly approving Proposition 24 on Nov. 3, 2020—the California Privacy Rights Act (CPRA). The CPRA amends and significantly strengthens the recently enacted...more
The California Consumer Privacy Act became effective on Jan. 1. Included among its provisions is the grant of a private right of action on behalf of any consumer “whose nonencrypted and nonredacted personal information…is...more
Enforcement of the California Consumer Privacy Act (CCPA) began July 1, 2020. Our privacy team at Troutman Pepper includes several attorneys who worked in an attorney general’s office. This privacy regulatory team has...more
No. Under the final regulations promulgated by the California Attorney General, where a business collects information as a service provider for another business, the service provider has no obligation to present its...more
Part three of this CCPA client alert series focuses on the obligations for service providers pursuant to the CCPA. The California Consumer Privacy Act of 2018 (the “CCPA”) and the related proposed Attorney General...more
Probably. When a business receives a request from a consumer to access the personal information that the business has “collected,” it must decide whether to grant the request or to deny it based upon one of the exceptions...more