In this month’s Privacy & Cybersecurity Update, we examine Delaware’s new comprehensive data privacy law, a joint statement by 12 data protection authorities on data scraping and data protection, a district court ruling on a...more
10/3/2023
/ California Privacy Protection Agency (CPPA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Popular ,
Privacy Laws ,
Risk Assessment ,
Risk Management ,
State and Local Government ,
State Data Privacy Laws ,
State Privacy Laws ,
Web Scraping
In this month’s Privacy & Cybersecurity Update, we analyze the Biden administration’s proposed cybersecurity labeling program for smart devices, NIST’s extensive overhaul of its cybersecurity framework, and data privacy law...more
9/6/2023
/ Biden Administration ,
California ,
California Privacy Rights Act (CPRA) ,
Colorado ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Labeling ,
NIST ,
Popular ,
Privacy Laws ,
Smart Devices ,
State Privacy Laws
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
8/2/2023
/ Biometric Information Privacy Act ,
California ,
California Privacy Rights Act (CPRA) ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Framework ,
Data Privacy ,
Data Transfers ,
Disclosure ,
EU ,
European Commission ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
NYDFS ,
Oregon ,
Popular ,
Privacy Laws ,
Proposed Amendments ,
Regulatory Requirements ,
Risk Management ,
Texas
In this month’s Privacy & Cybersecurity Update, we look at Washington state’s passage of the first-ever state-level health data privacy law and the finalized California Consumer Privacy Act regulations. We also examine a...more
5/2/2023
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Food and Drug Administration (FDA) ,
Fraudulent Wire Transfers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Insurance Industry ,
Medical Devices ,
Notice of Proposed Rulemaking (NOPR) ,
Popular ,
Privacy Laws ,
Reproductive Healthcare Issues ,
State Privacy Laws
In this month’s Privacy & Cybersecurity Update, we examine the European Commission’s draft adequacy decision on the EU-U.S. Data Privacy Framework, as well as guidance from the U.K. Information Commissioner’s Office on...more
1/3/2023
/ Biometric Information Privacy Act ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Employee Monitoring ,
EU ,
European Commission ,
International Data Transfers ,
Popular ,
Privacy Laws ,
Risk Assessment ,
UK
In this month’s Privacy & Cybersecurity Update, we examine the California Privacy Protection Agency’s revised draft regulations for the California Privacy Rights Act, the Federal Trade Commission’s settlement with a...more
12/6/2022
/ California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Direct Marketing ,
Electronic Communications ,
Enforcement ,
Federal Trade Commission (FTC) ,
Notice Requirements ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Proposed Regulation ,
Regulatory Agenda ,
Rulemaking Process ,
UK
In this month’s Privacy & Cybersecurity Update, we review California’s settlement of the first-ever enforcement action under the California Consumer Privacy Act, as well as the state’s new child-focused privacy law and...more
In this month’s Privacy & Cybersecurity Update, we review the FTC’s proposed data privacy and cybersecurity rulemaking and the European Data Protection Board’s draft guidelines on the calculation of GDPR administrative fines....more
9/7/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Popular ,
Public Comment ,
Rulemaking Process
In this month’s Privacy & Cybersecurity Update, we examine the FTC’s blog post suggesting an increased focus on protecting consumers’ sensitive data and Plaid’s settlement to resolve a class action arising from its data...more
In this month's Privacy & Cybersecurity Update, we examine California’s draft amended regulations for the California Privacy Rights Act, the introduction of comprehensive federal privacy legislation in Congress and the U.K.’s...more
In this month’s Privacy & Cybersecurity Update, we review Connecticut’s passage of a comprehensive privacy law (making it the fifth state to do so), the newly enacted federal Better Cybercrime Metrics Act, New York’s new law...more
6/3/2022
/ COPPA ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Personal Data ,
Popular ,
State Privacy Laws
In this month’s Privacy & Cybersecurity Update, we examine the FTC chair’s comments suggesting a potential shift in its approach to data privacy regulation, the European Data Protection Board’s request for comment on its...more
5/4/2022
/ Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Medical Devices ,
Personal Data ,
Personally Identifiable Information ,
Popular
In this month’s Privacy & Cybersecurity Update, we examine the Illinois Supreme Court’s decision in a case involving workers compensation and the state’s Biometric Information Privacy Act, U.K. data transfer regimes before...more
3/2/2022
/ Biometric Information ,
Biometric Information Privacy Act ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection Authority ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
IL Supreme Court ,
International Data Transfers ,
Internet of Things ,
NIST ,
Personal Data ,
Popular ,
Standard Contractual Clauses
In this month’s Privacy & Cybersecurity Update, we examine the U.S. Chamber of Commerce’s letter to Congress calling for federal cybersecurity legislation, the New York attorney general’s report on “credential stuffing”...more
2/3/2022
/ Biometric Information Privacy Act ,
Commercial General Liability Policies ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
FTC Act ,
Medical Devices ,
Personal Information
In this month’s Privacy & Cybersecurity Update, we examine the FBI’s warning to companies regarding cyberattacks targeting confidential M&A activity, as well as the Cybersecurity and Infrastructure Security Agency’s directive...more
12/1/2021
/ Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
FBI ,
International Data Transfers ,
Ransomware ,
Robocalling
In this month’s edition of our Privacy & Cybersecurity Update, we examine the FTC’s changes to the Gramm-Leach-Bliley Act’s Safeguards Rule and the CFPB’s order requiring six tech companies to disclose information regarding...more
11/2/2021
/ Consumer Financial Protection Bureau (CFPB) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
GEICO ,
Gramm-Leach-Blilely Act ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Multidistrict Litigation ,
Putative Class Actions ,
Safeguards Rule
In this month’s edition of our Privacy & Cybersecurity Update, we examine the California Privacy Protection Agency's public comment period for the California Privacy Rights Act, the U.K. government's public consultation...more
10/4/2021
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Fourth Amendment ,
General Data Protection Regulation (GDPR) ,
Office of Foreign Assets Control (OFAC) ,
Personal Information ,
Public Comment ,
Surveillance
In this month’s edition of our Privacy & Cybersecurity Update, we examine cybersecurity guidance issued by New York state, and the Cybersecurity and Infrastructure Security Agency’s new “Bad Practices” website outlining what...more
8/3/2021
/ Best Practices ,
California Consumer Privacy Act (CCPA) ,
COPPA ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NYDFS ,
Popular ,
Ransomware
In this month's edition of our Privacy & Cybersecurity Update, we examine the Second Circuit's ruling allowing standing for increased risk of identity theft following a data breach, the European Commission's recently released...more
5/3/2021
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Labor (DOL) ,
EBSA ,
EU ,
European Commission ,
IN Supreme Court ,
Ransomware
In this month’s edition, we examine California’s new regulations enhancing opt-out rights in the California Consumer Privacy Act and the state's selections for the California Privacy Protection Agency’s inaugural board. We...more
4/2/2021
/ California Consumer Privacy Act (CCPA) ,
Commercial General Liability Policies ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
FDCPA ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Opt-Outs ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
State Attorneys General ,
State Privacy Laws ,
TCPA
In this month's edition of our Privacy & Cybersecurity Update, we examine the New York Department of Financial Services' issuance of the first-ever cyber insurance risk guidance framework, the Eleventh Circuit's ruling...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
2/4/2021
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Digital Services ,
Draft Guidance ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
NIST ,
Popular ,
Privacy Policy
In this month’s edition of our Privacy & Cybersecurity Update, we examine the passage of the ballot initiative that enacts the California Privacy Rights Act, the U.K. Information Commissioner’s Office’s final guidance on data...more
12/2/2020
/ Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
In this month's edition of our Privacy & Cybersecurity Update, we examine the National Institute of Standards and Technology's four principles of the "explainability" of artificial intelligence and the U.K. Information...more
9/1/2020
/ Anti-Drone Technology ,
Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Drones ,
EU-US Privacy Shield ,
FCC ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Final Rules ,
International Data Transfers ,
NIST ,
Office of Administrative Law ,
Personal Information ,
Popular ,
Privacy Laws ,
Risk Mitigation ,
UK ,
UK ICO
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
8/6/2020
/ Automotive Industry ,
Binding Corporate Rules ,
Broadband Privacy Rules ,
Connected Cars ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Economic Loss Doctrine ,
Enforcement Actions ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
First Amendment ,
Free Speech ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Insurance Industry ,
International Data Transfers ,
Internet Service Providers (ISPs) ,
Misrepresentation ,
Negligence ,
NYDFS ,
Online Platforms ,
P2B ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Schrems I & Schrems II ,
Security Breach ,
Standard Contractual Clauses ,
U.S. Commerce Department ,
UK ,
UK Data Protection Act ,
United Nations