On October 17, 2019, the Hogan Lovells Privacy and Cybersecurity team discussed key elements of the California Attorney General’s proposed regulations implementing certain provisions of the California Consumer Privacy Act...more
11/5/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Deletion ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Opt-In ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Right to Delete ,
Rulemaking Process ,
State and Local Government
On October 22, the Interactive Advertising Bureau (IAB), a media and marketing industry trade group, released for public comment the California Consumer Privacy Act Compliance Framework for Publishers and Technology Companies...more
11/1/2019
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Cooperative Compliance Regime ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Sellers ,
Framework Agreement ,
Interactive Advertising Bureau ,
Internet ,
Online Advertisements ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Publishers ,
Targeted Digital Advertising ,
Technology Sector ,
Websites
On October 10, California Attorney General Xavier Becerra (CA AG) released proposed regulations to implement certain provisions of the California Consumer Privacy Act (CCPA). The CA AG also released a Notice of Proposed...more
10/14/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Information Sharing ,
Non-Discrimination Rules ,
NPRM ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
Since the California Consumer Privacy Act’s (CCPA) hasty passage in June last year and minor changes last September, the CCPA has vexed businesses working on compliance. Among many practical challenges, the CCPA often...more
9/25/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Fair Credit Reporting Act (FCRA) ,
Legislative Agendas ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Agenda ,
Request For Information ,
Rulemaking Process ,
State and Local Government
The Federal Trade Commission (“FTC”) is requesting public comments on the Children’s Online Privacy Protection Rule (“COPPA Rule”). In particular, the FTC is seeking feedback on the effectiveness of its 2013 amendments to the...more
9/6/2019
/ Comment Period ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Federal Trade Commission (FTC) ,
Mobile Apps ,
Online Safety for Children ,
Parental Consent ,
Personally Identifiable Information ,
Public Comment ,
Regulatory Reform ,
Website Owner Liability ,
Websites
Nevada has a new privacy law. On May 29, Nevada Governor Steve Sisolak signed Senate Bill 220 (SB-220) into law, making Nevada the first state to join California in granting consumers the right to opt out of the sale of their...more
6/3/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Protection ,
Data-Sharing ,
New Legislation ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
State and Local Government
The Federal Trade Commission (“FTC”) issued notices on March 5 seeking public comment on proposed amendments to the regulations implementing the Gramm-Leach-Bliley Act (“GLBA”), commonly known as the Safeguards Rule and...more
3/14/2019
/ Chief Information Security Officer (CISO) ,
Data Management ,
Data Security ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Gramm-Leach-Blilely Act ,
Incident Response Plans ,
Privacy Rule ,
Public Comment ,
Regulatory Agenda ,
Regulatory Standards ,
Risk Assessment ,
Rulemaking Process ,
Safeguards Rule ,
WISP
On February 27, 2019, the Federal Trade Commission (“FTC”) announced that it settled with the operators of a video social networking app for a record civil penalty of $5.7 million under the Children’s Online Privacy...more
3/4/2019
/ Consumer Protection Laws ,
COPPA ,
Data Collection ,
Federal Trade Commission (FTC) ,
Information Technology ,
Mobile Apps ,
Music ,
Online Safety for Children ,
Personally Identifiable Information ,
Regulatory Violations ,
Social Networks ,
Website Owner Liability
In this edition we survey the latest legal and regulatory developments across the global media and communications industry. We have a particular focus on new privacy laws.
...more
The California Department of Justice has announced a March 8, 2019 deadline for submitting written pre-rulemaking comments on the California Consumer Privacy Act (CCPA). The March 8 deadline is an extension from the...more
The Illinois Supreme Court ruled on January 25 in Rosenbach v. Six Flags Entertainment Corp. that a plaintiff can allege a violation of rights under the state’s Biometric Information Protection Act (BIPA) even without...more
1/28/2019
/ Amusement Parks ,
Article III ,
Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Fingerprints ,
IL Supreme Court ,
Injunctive Relief ,
Injury-in-Fact ,
Personal Data ,
Standing ,
Statutory Interpretation ,
Statutory Violations
This is the ninth installment in Hogan Lovells’ series on the California Consumer Privacy Act.
The California Consumer Privacy Act of 2018 (“CCPA”) exempts information that is collected, processed, sold, or disclosed...more
12/10/2018
/ California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Exemptions ,
Financial Institutions ,
Financial Services Industry ,
Gramm-Leach-Blilely Act ,
Information Technology ,
Personally Identifiable Information ,
Privacy Rule
This is the eighth installment in Hogan Lovells’ series on the California Consumer Privacy Act.
In the digital age, data is everything. “Big Data” feeds countless business processes and offerings. Businesses rely on data...more
12/3/2018
/ Big Data ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Risk Mitigation
The Federal Trade Commission (FTC) recently published a paper recapping its December 2017 Informational Injury Workshop. ...more
This is the seventh installment in Hogan Lovells’ series on the California Consumer Privacy Act.
The application of the California Consumer Protection Act of 2018 (“CCPA”) to employee data has been the subject of much...more
10/26/2018
/ Anti-Discrimination Policies ,
California Consumer Privacy Act (CCPA) ,
Data Collection ,
Data Privacy ,
Employee Privacy Rights ,
Employer Liability Issues ,
Employment Records ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws
Join us on Thursday, November 8, 2018 to discuss the current state of the automotive industry and the impact of technology, regulations, and trade on the future of this critical segment of Mexico's economy....more
Late last month, California Governor Jerry Brown signed the first US Internet of Things (IoT) cybersecurity legislation: Senate Bill 327 and Assembly Bill 1906. ...more
10/18/2018
/ Connected Items ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Hackers ,
Information Technology ,
Internet of Things ,
Mobile Devices ,
New Legislation ,
Popular ,
Risk Management ,
Security Standards ,
State and Local Government
On June 28, 2018, California’s governor signed Assembly Bill 375, a groundbreaking new data privacy law that some are calling the United States’ answer to the European Union’s General Data Protection Regulation (GDPR). ...more
California continues to be a first mover in privacy in the United States, enacting the US’s toughest and most comprehensive privacy legislation on Thursday, June 28, 2018....more
In a landmark 5-4 decision, the United States Supreme Court held that the government conducts a search under the Fourth Amendment and therefore, absent exigent circumstances, needs a warrant supported by probable cause when...more
6/26/2018
/ Carpenter v US ,
Cell Phones ,
Cell Site Location Information (CSLI) ,
Criminal Convictions ,
Electronic Records ,
Electronically Stored Information ,
Exigent Circumstances ,
Fourth Amendment ,
Geolocation ,
Location Data ,
Probable Cause ,
Reasonable Expectation of Privacy ,
Remand ,
Reversal ,
SCOTUS ,
Third-Party ,
Warrantless Searches
The U.S. Environmental Protection Agency was created in 1970 to safeguard the environment against pollutants. The tidal wave of environmental regulations that followed impacted every industry in the United States, especially...more
5/10/2018
/ Automated Transportation ,
Automotive Industry ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Storage ,
Data Use Policies ,
Drivers ,
General Data Protection Regulation (GDPR) ,
Manufacturers ,
Motor Vehicles ,
Personal Data ,
Popular ,
Smart Devices ,
Technology Sector
Virtually all industries are being reshaped with the use of Artificial Intelligence and advanced machine-learning.
Everything from healthtech to self-driving vehicles, to education and smart homes, drones and space, social...more
4/4/2018
/ Antitrust Provisions ,
Artificial Intelligence ,
Asia Pacific ,
Connected Cars ,
Connected Items ,
Drones ,
Ethics ,
Export Controls ,
FinTech ,
Intellectual Property Protection ,
Life Sciences ,
Outer Space ,
Popular ,
Regulatory Oversight ,
Robotics ,
Satellites ,
Smart Devices ,
Unmanned Aircraft Systems
Prompted by concern over the increase in the risks and frequency of data breach incidents and other cyber-attacks affecting public companies, the Securities and Exchange Commission recently published interpretive guidance to...more
3/6/2018
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Disclosure Requirements ,
Financial Statements ,
Insider Trading ,
Interpretive Rule ,
Non-Public Information ,
Publicly-Traded Companies ,
Regulation FD ,
Regulation S-K ,
Risk Management ,
Securities and Exchange Commission (SEC)
It’s been almost a year since the New York State Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) came into effect. Since that time, a series of key dates have marked the implementation of...more
2/28/2018
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Popular ,
Risk Assessment ,
Risk Management ,
Vulnerability Assessments
In the same week that the automotive industry gathers in Washington, D.C. for the 2018 Washington Auto Show, a cross-section of automotive stakeholders, government officials, and consumer and privacy advocates came together...more
1/30/2018
/ Automotive Industry ,
Connected Cars ,
Cybersecurity ,
Data Collection ,
Department of Transportation (DOT) ,
Driverless Cars ,
Fair Information Practice Principles (FIPPs) ,
Federal Trade Commission (FTC) ,
GAO ,
Motor Vehicles ,
Popular ,
Privacy Concerns ,
Regulatory Oversight ,
Technology Sector