With the onslaught of new privacy legislation and cyber threats coupled with upticks in enforcement, running a well-functioning and flexible privacy program is now, more than ever, a critical component of an organization’s...more
1/5/2024
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Privacy ,
EU ,
General Data Protection Regulation (GDPR) ,
Incident Response Plans ,
Personally Identifiable Information ,
Privacy Laws ,
Publicly-Traded Companies ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Sensitive Personal Information ,
State Privacy Laws ,
Targeted Digital Advertising
BCLP actively tracks the proposed, failed and enacted AI regulatory bills from across the United States to help our clients stay informed in this rapidly-changing regulatory landscape. The interactive map is current as of...more
On January 1, 2023, the California Privacy Rights Act of 2020, which amended the existing California Consumer Privacy Act (collectively, the “CPRA”) and Virginia’s Consumer Data Protection Act (“VCDPA”) went into effect....more
“Precise Geolocation” has become a hot button issue in the privacy world with recent data privacy laws seeking to regulate the collection and processing of such information, including in California and Virginia. The...more
3/30/2023
/ California Consumer Privacy Act (CCPA) ,
Consumer Information ,
Data Collection ,
Federal Trade Commission (FTC) ,
Geolocation ,
Guidance Update ,
Location Data ,
Location Privacy ,
Mobile Apps ,
Mobile Devices ,
Privacy Concerns ,
Third-Party Service Provider
The concept of Sensitive Personal Information (SPI) has made its way into new and emerging US privacy laws. The usual challenges associated with a novel privacy obligation certainly apply to Sensitive Personal Information,...more
2023 will be yet another dynamic year for data privacy regulation. In addition to the data privacy laws in Virginia, Colorado, Utah, and Connecticut going into force this year, businesses also have to contend with the fact...more
The American Data Privacy and Protection Act (“ADPPA”) has been working its way through Congress with notable bipartisan support. After a July 20th markup session in the House Committee on Energy & Commerce amending the bill,...more
The California Privacy Protection Agency (CPPA) Board met on September 23, 2022, to discuss ongoing efforts to prepare for the California Privacy Rights Act (CPRA), which becomes operative on January 1, 2023 (an agenda of the...more
By now, it is generally known that comprehensive privacy laws include requirements to allow consumers to opt-out of the sale of the their personal information, including personal information collected through the use of...more
9/19/2022
/ Advertising ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Covered Entities ,
Data Controller ,
Data Privacy ,
Data Selling ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Search Engines ,
State Privacy Laws ,
Targeted Digital Advertising
Do Companies have a cure period for alleged violations under the California Privacy Rights Act (“CPRA”)?
No, the CPRA eliminates the thirty (30) day cure period originally permitted under the California Consumer Privacy...more
Unless the California legislature acts soon, the scope of information subject to the California Privacy Rights Act (“CPRA”) will include all employee or human resource-related personal information on January 1, 2023. To date,...more
6/15/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Data Privacy ,
Data Subjects Rights ,
Employee Privacy Rights ,
Employer Liability Issues ,
Employer Responsibilities ,
Exemptions ,
Human Resources Professionals ,
Personal Data ,
Personnel Records ,
Risk Management
In the last year, we continued to see a shift in the privacy landscape of the United States, including the passage of comprehensive privacy legislation in both Virginia and Colorado, while other states still have bills under...more
In the last year, we continued to see a shift in the privacy landscape of the United States, including the passage of comprehensive privacy legislation in both Virginia and Colorado, while other states still have bills under...more
1/21/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
COPPA ,
Covered Entities ,
Data Collection ,
FERPA ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
International Data Transfers ,
Personal Information ,
Prior Express Consent ,
Proposed Legislation
On November 3, 2020, Californians voted to pass Proposition 24, expanding and modifying the California Consumer Privacy Act (“CCPA”), which came into force on January 1, 2020. The new California Privacy Rights Act (“CPRA”)...more
On November 3, 2020, Californians voted to pass Proposition 24, expanding and modifying the California Consumer Privacy Act (“CCPA”), which came into force on January 1, 2020. The new California Privacy Rights Act (“CPRA”)...more
Colorado recently introduced a new privacy bill, the Colorado Privacy Act (CPA). The CPA has certain similarities with the well-known California Consumer Privacy Act (CCPA) and Virginia’s Consumer Data Protection Act (VCDPA)....more
The last few years have witnessed remarkable changes in the privacy world. The GDPR, the CCPA, the invalidation of the EU-US Privacy Shield framework and the related obligations resulting from the Schrems II decision - to...more
5/7/2021
/ Binding Corporate Rules ,
California Consumer Privacy Act (CCPA) ,
Data Controller ,
Data Processors ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Importers ,
International Data Transfers ,
Privacy Laws ,
Risk Assessment ,
Schrems I & Schrems II ,
Standard Contractual Clauses
On March 15, 2021, California Attorney General, Xavier Becerra, announced additional California Consumer Privacy Act (CCPA) regulations. These new changes went into effect on March 15, 2021....more
On November 3, 2020, Californians voted to pass Proposition 24, expanding and modifying the California Consumer Privacy Act (“CCPA”), which came into force on January 1, 2020. The new California Privacy Rights Act (“CPRA”)...more
Although it received little notice, the CCPA was amended effective January 1, 2021 to clarify and modify the exemption relating to de-identified data, with particular focus on medical data. Specifically, AB 713 amended the...more
On November 3, 2020, Californians voted to pass Proposition 24, expanding and modifying the California Consumer Privacy Act (“CCPA”), which came into force on January 1, 2020. The new California Privacy Rights Act (“CPRA”),...more
On November 3, 2020, the state of California voted to pass Proposition 24, also known as The California Privacy Rights and Enforcement Act of 2020 (“CPRA”). As a result of this vote, businesses dealing with personal...more
11/6/2020
/ Administrative Agencies ,
Amended Legislation ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Employees ,
Enforcement Authority ,
Exemptions ,
General Data Protection Regulation (GDPR) ,
Governor Newsom ,
Job Applicants ,
New Legislation ,
Personal Information
Given the recent updates to CCPA, and the possible approval of California Privacy Rights Act (CPRA) which is on the November 3 ballot, it is increasingly likely that personal information collected in the course of clinical...more
On October 12, 2020, less than a month before California will vote on a referendum potentially overhauling the California Consumer Privacy Act (the “CCPA”), the California Attorney General published further proposed...more
The CCPA defines both “aggregate consumer information” and “deidentified information.” Aggregate consumer information is defined to mean “information that relates to a group or category of consumers, from which individual...more