The Mintz Privacy & Cybersecurity Blog will be providing regular updates of notable pending US state privacy laws. Following our similar previous updates, the most recent of which may be found here, this update checks in on...more
In a previous update, we provided a comprehensive round-up of several notable pending US state privacy laws. We are checking-in on the progression of some of those laws in this further update. The next installment will...more
On Tuesday, Virginia Governor Ralph Northam signed the Consumer Data Protection Act (“CDPA”) into law, making Virginia the second U.S. state after California to pass a comprehensive data privacy law. Those familiar with the...more
We summarized Virginia’s Consumer Data Protection Act (CDPA) in advance of its passage by the legislature and it now awaits Governor Ralph Northam’s signature. This will make Virginia the second state (behind California)...more
While we continue to await comprehensive US federal privacy legislation, and following California’s lead with its California Consumer Privacy Act of 2018 (CCPA), individual states are stepping up to the plate. Based on what...more
January 28 is known worldwide as “Data Privacy Day” or “Data Protection Day,” and it’s a good opportunity to remind everyone of some privacy basics – particularly as people are still working remotely and threats to...more
As businesses continue to work on compliance with the California Consumer Privacy Act (CCPA) and the multiple versions of regulations issued by the Attorney General’s Office, Attorney General Becerra has issued yet another...more
12/15/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personal Information ,
Proposed Regulation ,
Public Comment ,
Rulemaking Process ,
State Attorneys General
2020 “back to school” has a whole new meaning in the age of COVID-19. Now, it is finally time for companies to take compliance with the California Consumer Privacy Act (“CCPA”) off the back burner and implement policies and...more
As we’ve been writing about in this space for some time, today marks the opening of the CCPA enforcement era. Despite protestations from the business community, and requests for delay due to the lack of regulations until...more
7/1/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Personal Information ,
Privacy Laws ,
State Attorneys General
Just as businesses are gearing up for the start of enforcement of the California Consumer Privacy Act (“CCPA”), California cleared the way for the California Privacy Rights Act (“CPRA”). The CPRA is an initiative imposing...more
Amidst multiple investigations into the privacy and security practices at Zoom Video Communications (“Zoom”), New York Attorney General Letitia James recently announced a settlement agreement with Zoom after the failings of...more
5/13/2020
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Department of Education ,
Facebook ,
Popular ,
Settlement Agreements ,
State Attorneys General ,
Videoconference ,
Virtual Meetings ,
Zoom®
Last month, we reported that the United States Senate, Committee on Commerce, Science, and Transportation, conducted a hearing on “Enlisting Big Data in the Fight Against Coronavirus.” Specifically, the Committee focused on...more
As of March 12, 2020, the proposed Washington Privacy Act has foundered on enforcement rocks. The Senate did not agree with the House’s amendment that would have included a broad private right of action. The Senate’s version...more
3/13/2020
/ Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Authority ,
Infectious Diseases ,
Opt-Outs ,
Personal Data ,
Privacy Laws ,
State and Local Government ,
State Data Breach Notification Statutes
As we reported here, the final days of the 2019 California legislative session are winding down, with important amendments to the California Consumer Privacy Act (CCPA) still pending. In Thursday’s Senate session, AB 1130 was...more
According to our CCPA Countdown Clock, we are 161 days and counting to the effective date of the California Consumer Privacy Act. The Mintz Privacy team is deeply involved in working with clients on developing compliance...more
The Supreme Court on Tuesday will hear arguments in United States v. Microsoft Corp., in which the court will decide whether a US technology service provider, Microsoft, must obey a search warrant for data stored in a foreign...more
Recently, Uber agreed to a proposed Federal Trade Commission (FTC) consent order (“Consent Order”) to settle charges in an FTC complaint (“Complaint”) regarding behavior stemming back to at least 2014. Acting Chairman Maureen...more
8/25/2017
/ Consent Order ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
FTC Act ,
Misrepresentation ,
Personally Identifiable Information ,
Popular ,
Uber
If you are a retailer with locations in New Jersey, you will need to review your procedures in anticipation of a new law effective October 1, 2017....more
Decisions you make when founding and/or investing in an insurtech venture can dictate your regulatory obligations, tax liability, operational structure and, ultimately, profitability.
Here are five seemingly simple...more
7/11/2017
/ Data Breach ,
Data Privacy ,
Department of Financial Services ,
EU Data Protection Laws ,
Insurance Industry ,
Insuretech Sector ,
Investors ,
NYDFS ,
Popular ,
Profits ,
Startups ,
Tax Liability ,
Venture Funding
Developers and operators of educational technology services should take note. Just before the election, California Attorney General Kamala Harris provided a document laying out guidance for those providing education...more
The term “cloud computing,” — a process by which remote computers are used to store, manage and process data — is no longer an unfamiliar term. According to at least one estimate, “approximately 90 percent of businesses...more
According to the FBI, “there are only two types of companies: those that have been hacked and those that will be.” It does not take an actual data breach, however, for a company to be liable for its data security practices. ...more
7/20/2016
/ Consumer Financial Protection Bureau (CFPB) ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Security ,
Dwolla ,
FinTech ,
FTC v Wyndham ,
Hackers ,
Personal Data ,
Privacy Laws
For the first Tuesday in November, we have 10 easy steps to make sure that your data breach incident response planning is viewed from that pesky point of view of a litigator....more
11/3/2015
/ Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Privacy ,
Data Protection ,
Data Security ,
Email Policies ,
Personally Identifiable Information ,
Popular ,
Tone At The Top ,
Training
As all of our readers know by now, as of October 6, the US-EU Safe Harbor Framework is no more. Safe Harbor was the mechanism on which thousands of US companies (and thousands of companies based in the European Union)...more
10/22/2015
/ Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Court of Justice (ECJ) ,
International Data Transfers ,
Israel ,
Model Contracts ,
Personal Data ,
SCC ,
Schrems I & Schrems II ,
Switzerland ,
US-EU Safe Harbor Framework
On October 20, 2015, the Irish High Court ordered the Irish Data Protection Commissioner (DPC) to investigate Facebook’s European data privacy practices, bringing Max Schrems’ three-year fight full circle. The Court quashed...more
10/21/2015
/ Article 29 Working Party (WP29) ,
Data Privacy ,
Data Protection Authority ,
Data Protection Commissioner ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
International Data Transfers ,
Ireland ,
Legal Costs ,
Motions to Quash ,
Personal Data ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework