The push by U.S. states to pass data privacy laws continues with Maryland being the 18th state to join their ranks. However, Maryland has taken a more stringent and comprehensive approach than many of its peers: Governor Wes...more
5/17/2024
/ Commodity Exchange Act (CEA) ,
Consumer Privacy Rights ,
COPPA ,
Data Protection ,
Fines ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Maryland ,
Opt-Outs ,
Penalties ,
Personal Data ,
Personal Information ,
Popular ,
Securities Exchange Act
As U.S. states continue to pass data privacy legislation, Maryland has gone above and beyond in signing both the Maryland Online Data Privacy Act of 2024 (MODPA) and the Maryland Age Appropriate Design Code (HB 603/SB...more
5/17/2024
/ COPPA ,
Covered Entities ,
Data Management ,
Data Protection ,
Fines ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Maryland ,
Minor Children ,
Penalties ,
Personal Data ,
Popular ,
Privacy Laws ,
Safety Standards
2023 was a record-breaking year, with legislators in Delaware, Indiana, Iowa, Montana, Oregon, Tennessee and Texas passing comprehensive data privacy laws, joining California, Colorado, Connecticut, Utah and Virginia. Already...more
4/16/2024
/ Consumer Privacy Rights ,
Data Privacy ,
Data Protection ,
Disclosure Requirements ,
Exemptions ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Jersey ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Personal Information ,
Private Right of Action ,
Reporting Requirements ,
State Privacy Laws
Texas has joined the growing list of states enacting comprehensive consumer data privacy laws. On June 18, 2023, Governor Abbott (R) signed H.B.4, otherwise known as the Texas Data Privacy and Security Act (“TDPSA”). The...more
Our May Madness series is getting you caught up on comprehensive privacy legislation passing state legislatures across the nation. In April, governors signed legislation in Tennessee and Indiana, and this month ahead of...more
The Volunteer State became the eighth state to enact a comprehensive data privacy law after Gov. Bill Lee (R) signed the Tennessee Information Protection Act (“TIPA”) into law yesterday, May 11.
Tennessee joins a growing...more
5/12/2023
/ California Consumer Privacy Act (CCPA) ,
Controlled Substances Act ,
Corporate Counsel ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Fair Credit Reporting Act (FCRA) ,
Farm Credit Administration ,
Fines ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
NIST ,
Nonprofits ,
Opt-Outs ,
Penalties ,
Personal Information ,
Private Right of Action ,
State Privacy Laws ,
Tennessee
Public companies initiating the year-end reporting process will need to consider, and in many cases take steps to address, a number of significant developments and issues. To assist companies in this process, Mintz has...more
12/9/2022
/ Annual Meeting ,
Breach of Duty ,
Clawbacks ,
Climate Change ,
Corporate Governance ,
Cybersecurity ,
Data Protection ,
Disclosure Requirements ,
Diversity and Inclusion Standards (D&I) ,
Filing Deadlines ,
Insider Trading ,
Privacy Laws ,
Proxy Advisors ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC) ,
Shareholders ,
Stock Markets ,
Supply Chain ,
Ukraine
The Federal Trade Commission (“FTC”) announced on Monday that it is settling a case against Drizly and its CEO stemming from a 2020 data breach that impacted roughly 2.5 million consumers. The proposed order not only...more
10/31/2022
/ Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Hackers ,
Identity Theft ,
Personal Data ,
Popular ,
Securities and Exchange Commission (SEC) ,
Settlement
The new California privacy regulatory body, the California Privacy Protection Agency (CPPA), has loudly voiced its opposition to the proposed federal American Data Privacy and Protection Act (ADPPA). The bottom line for...more
There is a pattern here. Long holiday weekends make for ransomware attacks and data breaches. It is well-known that malicious actors take advantage of understaffed IT resources on holidays. In fact, it’s become such a common...more
9/3/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
FBI ,
Hackers ,
Holidays ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Ransomware ,
Risk Management
Colorado has now joined California and Virginia to become the third US state to pass a comprehensive data privacy legislation when Governor Jared Polis signed the Colorado Privacy Act (the “CPA”) into law on July 8, 2021. The...more
8/3/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Colorado ,
COPPA ,
Data Deletion ,
Data Protection ,
Enforcement ,
Fair Credit Reporting Act (FCRA) ,
General Data Protection Regulation (GDPR) ,
GLBA Privacy ,
Notice Requirements ,
Opt-Outs ,
Right of Access ,
State Privacy Laws
To note the one year anniversary of the California Consumer Privacy Act (CCPA) enforcement date, California Attorney General Rob Banta held a press conference on July 19, 2021 to share key information about enforcement...more
Colorado has now joined California and Virginia to become the third US state to pass a comprehensive data privacy legislation when Governor Jared Polis signed the Colorado Privacy Act (the “CPA”) into law on July 8, 2021. The...more
There is a glut of information out there regarding privacy and cybersecurity these days. Our new feature “What We’re Reading” provides a curated list of articles, blogs, newsletters, and books that you may find interesting...more
At the close of Connecticut’s 2021 legislative session, a pair of data protection/cybersecurity related bills made their way to Governor Ned Lamont’s desk, while a CCPA-like omnibus privacy law falling one floor vote short. ...more
The Mintz Privacy & Cybersecurity Blog will be providing regular updates of notable pending US state privacy laws. Following our similar previous updates, the most recent of which may be found here, this update checks in on...more
Although the California Consumer Protection Act (“CCPA”) went into effect on January 1, 2020 and over 100 class actions referencing the CCPA have been filed to date, very few class actions have actually made their way to...more
In a previous update, we provided a comprehensive round-up of several notable pending US state privacy laws. We are checking-in on the progression of some of those laws in this further update. The next installment will...more
We summarized Virginia’s Consumer Data Protection Act (CDPA) in advance of its passage by the legislature and it now awaits Governor Ralph Northam’s signature. This will make Virginia the second state (behind California)...more
While we continue to await comprehensive US federal privacy legislation, and following California’s lead with its California Consumer Privacy Act of 2018 (CCPA), individual states are stepping up to the plate. Based on what...more
January 28 is known worldwide as “Data Privacy Day” or “Data Protection Day,” and it’s a good opportunity to remind everyone of some privacy basics – particularly as people are still working remotely and threats to...more
As businesses continue to work on compliance with the California Consumer Privacy Act (CCPA) and the multiple versions of regulations issued by the Attorney General’s Office, Attorney General Becerra has issued yet another...more
12/15/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personal Information ,
Proposed Regulation ,
Public Comment ,
Rulemaking Process ,
State Attorneys General
The Home Depot, Inc. (“Home Depot”) recently entered into a multi-state Assurance of Voluntary Compliance with Attorneys General of 46 states and the District of Columbia (the “Settlement”) stemming from a massive 2014 data...more
12/3/2020
/ Chief Information Security Officer (CISO) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Home Depot ,
Personal Information ,
Popular ,
Settlement ,
State Attorneys General
The New York State Department of Financial Services (“NYDFS”) has announced its first enforcement action of NYDFS’ Cybersecurity Regulation, Part 500 of Title 23 (“Cybersecurity Regulation”) against First American Title...more
At present, the California Consumer Privacy Act (CCPA) has “temporary” (and limited) exemptions for the application of portions of the CCPA to personal data collected in the course of business-to-business transactions...more