United Kingdom, French and Belgian national security laws (and such laws of other EU Member States) fell under the scrutiny of the Court of Justice of the European Union (CJEU), which on October 6, 2020, ruled on whether such...more
10/14/2020
/ Consumer Privacy Rights ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Electronic Communications ,
EU ,
General Data Protection Regulation (GDPR) ,
Member State ,
National Security ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
UK
The City Council of Portland, Oregon unanimously passed a ban on facial recognition, set to take effect in January 2021. The Portland ban is currently the strongest in the United States, preventing not only government...more
Two developments in the United Kingdom demonstrate the country’s renewed commitment to a sustainable data strategy with appropriate privacy and security safeguards. First, on September 9, 2020, the U.K. government published a...more
9/30/2020
/ Artificial Intelligence ,
Cyber Threats ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Security ,
Data Storage ,
International Data Transfers ,
Personal Data ,
Research and Development ,
UK
On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more
9/14/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information
On March 5, 2020, Gov. Phil Scott (VT-R) signed into law amendments to the Security Breach Notice Act (the “Act”). The amendments, which originated in the State Senate as part of an initiative addressing a number of data...more
8/10/2020
/ Amended Legislation ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Governor Scott ,
New Guidance ,
Notice Requirements ,
Personally Identifiable Information ,
Popular ,
State Attorneys General
On Tuesday, August 4, Senators Jeff Merkley (D-OR) and Bernie Sanders (I-VT) announced the introduction of the National Biometric Information Privacy Act of 2020 to prohibit private companies from collecting biometric data...more
On July 1, 2020, California Attorney General Xavier Becerra issued a statement as the first day of enforcement of the California Consumer Privacy Act (CCPA) commenced, urging businesses to know their responsibilities under...more
The advocacy group, Californians For Consumer Privacy, has qualified the California Privacy Rights Act (CPRA) for the November 2020 ballot. The required number of signatures was verified by the California Secretary of State,...more
The California Attorney General’s Office is going forward with the enforcement of the California Consumer Privacy Act (CCPA) despite the logistical issues caused by COVID-19. An advisor to Attorney General Becerra made a...more
- The California Attorney General Office (AGO) issued revised proposed regulations (Version 2) regarding the California Consumer Privacy Act on February 7, 2020. The AGO will collect comments on the revised regulations until...more
2/21/2020
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Notice Requirements ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Policy ,
Proposed Regulation ,
Public Comment ,
Right to Delete ,
Right To Know ,
State Attorneys General
- The Washington state Senate has passed its version of a consumer data privacy bill as state lawmakers debate proposed legislation for the Washington Privacy Act, the state’s first data privacy law.
- In their own bill,...more
2/19/2020
/ Consumer Privacy Rights ,
Corporate Counsel ,
Customer-Loyalty Programs ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Facial Recognition Technology ,
Legislative Agendas ,
Opt-Outs ,
Personally Identifiable Information ,
Preemption ,
Privacy Legislation ,
Private Right of Action ,
Proposed Legislation ,
Right to Delete ,
Right-To-Access
• The Draft Regulations introduced by the California Attorney General’s Office on October 10, 2019 are subject to a public comment period and public hearings that will close on December 6, 2019. Now is the time to act to try...more
10/29/2019
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Proposed Regulation ,
Public Comment ,
Right to Delete ,
Right To Know ,
State Attorneys General
Maine’s legislature unanimously passed a new law—“An Act to Protect the Privacy of Online Customer Information” (the “Act”)—that will impose strict data protection restrictions on broadband internet service providers (ISPs)...more
10/29/2019
/ Broadband ,
Consent ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Authority ,
Internet ,
Internet Service Providers (ISPs) ,
New Legislation ,
Personally Identifiable Information ,
Privacy Laws ,
Public Utility ,
Utilities Sector
Attorney General Becerra held a press conference on October 10th, 2019, and announced the release of proposed regulations concerning the California Consumer Privacy Act (CCPA). He stressed that privacy is an inalienable right...more
10/14/2019
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Public Comment ,
State Attorneys General
On May 29, 2019, Nevada’s governor approved a new privacy law, Senate Bill 220 (“SB 220”). SB 220 amends existing state law that requires operators of websites and online services (“Operators”) to post privacy notices on...more
9/12/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Rights ,
Data Security ,
Data Use Policies ,
New Legislation ,
Online Platforms ,
Operators ,
Opt-Outs ,
Permanent Injunctions ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Private Right of Action ,
State Data Privacy Laws ,
Statutory Penalties ,
Third-Party Service Provider ,
Websites
Data protection authorities (DPAs) in the European Union (EU) continue to scrutinize practices in the adtech sector for compliance with the EU’s General Data Protection Regulation (GDPR) and local data protection and...more
8/6/2019
/ Cookies ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Subjects Rights ,
Data Use Policies ,
Electronic Communications ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Marketing ,
Notice Requirements ,
Online Advertisements ,
Personal Data ,
Popular
In a set of recent settlements, the Federal Trade Commission (the FTC or Commission) resolved charges against two companies, ClixSense and D-Link, for failing to provide reasonable security and to live up to their data...more
7/23/2019
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Encryption ,
Federal Trade Commission (FTC) ,
FTC Act ,
Hackers ,
Information Security ,
Misrepresentation ,
Personally Identifiable Information ,
Policies and Procedures ,
Popular ,
Section 5 ,
Settlement Agreements
The 2018 California Consumer Privacy Act (CCPA) requires the California Attorney General’s Office (AGO) to promulgate regulations related to the CCPA by July 1, 2020. The AGO is holding a series of public forums and accepting...more
1/29/2019
/ Comment Period ,
Consumer Privacy Rights ,
Consumer Protection Act ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Non-Discrimination Rules ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Public Comment ,
Public Forum ,
Rulemaking Process ,
Safe Harbors ,
State Attorneys General
• On January 25, 2019, the Illinois Supreme Court issued a decision interpreting the Biometric Information Privacy Act (BIPA) in the Rosenbach v. Six Flags Entertainment Corp. appeal. The court ruled that a plaintiff does not...more
1/29/2019
/ Actual Injuries ,
Appeals ,
Biometric Information ,
Biometric Information Privacy Act ,
Consent ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Retention ,
Fingerprints ,
IL Supreme Court ,
Injunctive Relief ,
Liquidated Damages ,
Personally Identifiable Information ,
Private Right of Action ,
Putative Class Actions ,
Standing ,
Statutory Interpretation ,
Statutory Violations
• Non-profit organizations are testing companies’ GDPR compliance through targeted requests for information and other means and are filing complaints against allegedly non-compliant companies.
• Main areas for non-profit...more
1/28/2019
/ Australia ,
CNIL ,
Cybersecurity ,
Data Collection ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
Google ,
International Data Transfers ,
Nonprofits ,
Personal Data ,
Popular ,
Request For Information
• The California Legislature passed SB 1121 to revise certain sections of the CCPA – the nation’s strictest privacy protection statute which provides Californians with a right to learn what personal information certain...more
9/10/2018
/ California Consumer Privacy Act (CCPA) ,
Civil Monetary Penalty ,
CMIA ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Enforcement ,
Exemptions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medical Records ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Time Extensions
• California recently passed the landmark California Consumer Privacy Act that goes into effect in 2020, which grants California residents new privacy rights.
• The CCPA creates a private right of action for California...more
7/9/2018
/ Attorney General ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Rights ,
Data Security ,
Disclosure Requirements ,
Encryption ,
Enforcement Actions ,
Governor Brown ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Penalties ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
Right to Delete ,
Third-Party Service Provider ,
Transparency