This week, the New York Attorney General issued two privacy guides—one for businesses and one for consumers—outlining online tracking and privacy controls for websites and browsers....more
This week, Ken Paxton, the Texas Attorney General, filed suit against General Motors for alleged violations of the Texas Deceptive Trade Practices Act in collecting and selling drivers’ data to insurers without consumer...more
Minnesota was the nineteenth state to pass a comprehensive data privacy law, the Minnesota Consumer Privacy Act (H.F. 4757) (MCPA), which becomes effective on July 31, 2025.
While we continue to see more of these laws...more
Following the Sephora and DoorDash enforcement actions, on June 18, 2024, the California Attorney General announced its third California Consumer Privacy Act (CCPA) enforcement action against Tilting Point Media LLC. Tilting...more
CYBERSECURITY -
CISA Issues Advisory on Black Basta Ransomware -
On May 10, 2024, CISA, along with the FBI, HHS, and MS-ISAC, issued a joint Cybersecurity Advisory relating to Black Basta ransomware affiliates “that...more
5/17/2024
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Security ,
NIST ,
Ransomware ,
Risk Mitigation
Last week, the Vermont legislature passed H. 121, the Vermont Data Privacy Act. This law will make Vermont the 18th state to grant consumers privacy rights similar to those under the California Consumer Privacy Act (CCPA). It...more
CYBERSECURITY -
Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks -
The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more
5/10/2024
/ Consumer Privacy Rights ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
Personal Data ,
Personally Identifiable Information ,
Social Media
CYBERSECURITY -
CISA + Partners Issue Alert for Protection of Water Systems, Dams, Energy + Food + Ag -
In response to the growing threat by pro-Russia hacktivists, on May 1, 2023, CISA and other national agency...more
5/3/2024
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
FCC ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Location Data ,
OCR
Last month, Nebraska passed the Nebraska Data Privacy Act (NDPA), making it the latest state to enact comprehensive privacy legislation. Nebraska joins California, Virginia, Colorado, Connecticut, Utah, Iowa, Indiana,...more
Future LLC, a magazine and website publisher and owner of the TechRadar.com website, faces allegations that it collected website visitors’ IP addresses without consent in violation of the California Invasion of Privacy Act...more
4/26/2024
/ California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
California Privacy Rights Act (CPRA) ,
CIPA ,
Consumer Privacy Rights ,
Data Collection ,
Opt-Outs ,
Popular ,
Privacy Policy ,
Targeted Digital Advertising ,
Web Tracking ,
Websites
CYBERSECURITY
HC3 Warns Health Sector About Social Engineering Attacks Against IT Help Desks -
The Health Sector Cybersecurity Coordination Center (HC3) recently issued an Alert warning that “threat actors employing...more
4/12/2024
/ California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Information Technology ,
Risk Management
The California Privacy Protection Agency (CPPA) recently issued an enforcement advisory encouraging covered businesses to focus on their data minimization obligations related to consumer requests under the California Consumer...more
CYBERSECURITY -
City of Pensacola Services Disrupted by Cyber-Attack -
Adding to the list of many other municipalities, the city of Pensacola, Florida, was hit with a cyber-attack last weekend that affected services to...more
3/22/2024
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Machine Learning ,
Online Platforms ,
Tracking Systems ,
Vulnerability Assessments
CYBERSECURITY -
CISA, FBI + MS-ISAC Issue Warning on Phobos Ransomware -
To help organizations protect against ransomware, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a...more
3/11/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Biden Administration ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Executive Orders ,
FBI ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
Ransomware ,
Vulnerability Assessments
The Connecticut Data Privacy Act (CDPA), which became effective on July 1, 2023, provides Connecticut residents with certain rights over their personal information and establishes responsibilities and privacy protection...more
2/12/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Information Technology ,
Regulatory Reform ,
Regulatory Requirements ,
State Attorneys General ,
State Data Privacy Laws
Last week, California Attorney General Rob Bonta announced a new enforcement focus on streaming apps’ failure to comply with the California Consumer Privacy Act (CCPA). This investigation will examine whether streaming...more
Last week, the California Privacy Protection Agency (CPPA) launched a new website dedicated to providing resources to California residents about their privacy rights under the California Consumer Privacy Act (CCPA). The...more
1/26/2024
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Online Platforms ,
Regulatory Requirements ,
Rulemaking Process ,
State Privacy Laws ,
Websites
Similar to the well-known California Consumer Privacy Act, on July 1, 2024, the Colorado Privacy Act (CPA) goes into effect and will provide Colorado residents with express rights over their data collected by businesses. The...more
1/12/2024
/ Colorado ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Priorities ,
Opt-Outs ,
Personal Data ,
Regulatory Agenda ,
Regulatory Reform ,
State Data Privacy Laws
The California Privacy Protection Agency (CPPA) recently met to discuss automated decision-making technology, privacy risk assessments and cybersecurity audits under the California Consumer Privacy Act (CCPA) as amended by...more
12/27/2023
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Regulatory Agenda ,
Regulatory Requirements ,
Rulemaking Process ,
State Privacy Laws
Last week, the California Privacy Protection Agency (CPPA) voted in favor of a legislative proposal that would require web browsers to include a feature that allows web users the ability to exercise their privacy rights under...more
12/22/2023
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Regulatory Agenda ,
Right to Privacy ,
State Data Privacy Laws ,
Web Browsers ,
Websites
CYBERSECURITY -
New York Governor Proposes Cybersecurity Regulations for NY Hospitals -
On November 13, 2023, Governor Kathy Hochul released proposed cybersecurity regulations applicable to all hospitals located within...more
11/17/2023
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Corporate Sales Transactions ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
FCC ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Agenda ,
Regulatory Reform
Data privacy and cybersecurity risks are critical components of M&A transactions due to the potential exposure for legal liability for non-compliance, as well as the financial and reputational harm and the material impact...more
11/17/2023
/ Acquisition Agreements ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cooperative Compliance Regime ,
Corporate Sales Transactions ,
Cybersecurity ,
Data Privacy ,
Due Diligence ,
Failure to Comply ,
Merger Agreements ,
Popular
In August, the California Privacy Protection Agency (CPPA) released its initial draft regulations for cybersecurity audits and risk assessments under the California Privacy Rights Act (CPRA). While the CPPA has not yet...more
10/13/2023
/ Artificial Intelligence ,
California ,
California Privacy Protection Agency (CPPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Machine Learning ,
Personal Information ,
Popular ,
Risk Assessment ,
State Privacy Laws
This week, California’s governor signed a first-in-the-nation law that will impose new regulations on data brokers, requiring such entities to delete personal data pursuant to consumer requests. Data brokers specialize in...more
10/13/2023
/ California ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Data Brokers ,
Data Collection ,
Data Deletion ,
Data Management ,
Data Protection ,
Information Governance ,
New Legislation ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Reform
CYBERSECURITY -
CISA Launches Cybersecurity Public Awareness Campaign -
To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA...more