Back in October, we provided a summary of Article 2 of the California Attorney General’s Initial Proposed CCPA draft regulations, which specify certain notices that must be given to consumers at the time of collection of...more
The revised draft regulations to the California Consumer Privacy Act were issued by the California Attorney General’s office on February 7, and then modified on February 10. These amendments are open for public comment under...more
Late in the afternoon on Friday, the California Attorney General dropped the long-awaited revised draft regulations implementing the California Consumer Privacy Act of 2018 (CCPA). The AG’s office provided a redline to the...more
Now that the United Kingdom has officially withdrawn from the European Union as of January 31, you should look at your transfers of personal data in light of Brexit. Under the Withdrawal Agreement between the UK and the EU,...more
The House Bill. The House is taking a different approach to drafting a federal privacy bill. On December 18, Democratic and Republican staff for the House Energy & Commerce Committee released a bipartisan staff draft for...more
1/30/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
COPPA ,
Cybersecurity ,
Cybersecurity Framework ,
Data Collection ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Privacy Laws ,
Reasonable Expectation of Privacy ,
Rulemaking Process ,
State Data Breach Notification Statutes
As 2020 gets underway, Congress will continue to deliberate on federal privacy legislation in the second session of the 116th Congress. The California Consumer Privacy Protection Act (CCPA) went into effect on January 1, and...more
1/30/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Covered Entities ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Privacy Laws ,
Rulemaking Process ,
State Data Breach Notification Statutes
If you haven’t been paying attention to all the Microsoft warnings for the past year and your company is still running Windows 7, time’s up. After January 14, 2020, Microsoft will stop pushing out security updates to Windows...more
The short answer is “no”. The CCPA has a specific definition for “service provider” at Section 1798.140(v) – and it also requires a vendor to be bound by a written contract that prohibits it from...more
Unless you have been living off the grid for the past year, you likely know that we are now down to 13 days and counting to the effective date of the California Consumer Privacy Act (CCPA). We have received hundreds of...more
12/23/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
DPPA ,
Fair Credit Reporting Act (FCRA) ,
GLBA Privacy ,
Personal Information ,
Private Right of Action ,
State Attorneys General
Because the term “consumer” is so broad in the CCPA (remember: it’s any California resident), it would have applied to employee and job applicant data and all business contact information across the board. After much...more
12/20/2019
/ Amended Legislation ,
B2B Organizations ,
B2B Transactions ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Employee Privacy Rights ,
Job Applicants ,
Personal Information
The California Consumer Privacy Act becomes effective on January 1, 2020 with an amendment that impacts California employers. Covered businesses should, of course, already be in the process of preparing CCPA privacy notices...more
10/30/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Employee Privacy Rights ,
Employer Liability Issues ,
Governor Newsom ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Policy ,
Right to Delete
The California Attorney General’s office (CA AG) has published the long-awaited implementing regulations to the California Consumer Privacy Act (CCPA). In addition to the regulations, the CA AG also released a Notice of...more
The Court of Justice of the European Union (CJEU) – the European Union’s equivalent to the US Supreme Court – has issued a very important ruling with respect to cookie compliance that may require re-evaluation of your cookie...more
10/3/2019
/ Cookies ,
Data Collection ,
Data Processors ,
Data Protection Authority ,
EU Data Protection Laws ,
European Court of Justice (ECJ) ,
Personal Data ,
Popular ,
Prior Express Consent ,
Social Media ,
Website Owner Liability ,
Websites
Interested parties and privacy professionals have all been anxiously awaiting how legislative activity would shake out before the California Consumer Privacy Act (“CCPA”) is implemented January 1, 2020. Now that the dust has...more
9/23/2019
/ Amended Legislation ,
B2B Organizations ,
B2B Transactions ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Governor Newsom ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Private Right of Action
51 tech company CEOs today signed and sent an open letter to Congress asking for help to hold off and supersede the rising number of state privacy laws growing like weeds. The letter was sent on behalf of the Business...more
As we reported here, the final days of the 2019 California legislative session are winding down, with important amendments to the California Consumer Privacy Act (CCPA) still pending. In Thursday’s Senate session, AB 1130 was...more
They grow up so fast! A sentiment – and challenge – shared by parents and technologists alike. Just when you think you’ve finally figured it out, you blink, and they’re unrecognizable. The old rules can no longer be trusted...more
8/27/2019
/ COPPA ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Guidance Update ,
Mobile Apps ,
Online Safety for Children ,
Parental Consent ,
Personally Identifiable Information ,
Popular ,
Public Comment ,
Website Owner Liability ,
Websites
The California Legislature has returned from its summer recess and got right to work on the pending amendments to the California Consumer Privacy Act (CCPA). The Legislature has 30 days from today to send any amendments to...more
We know we told you yesterday about the Equifax settlement and how you could make a claim in connection with the breach. Well, consumers whose personal information was compromised in Equifax’s massive 2017 data breach are in...more
8/2/2019
/ Civil Penalty Fund ,
Consumer Financial Protection Bureau (CFPB) ,
Corporate Counsel ,
Credit Monitoring ,
Cybersecurity ,
Data Breach ,
Equifax ,
Federal Trade Commission (FTC) ,
Fund Distribution ,
Gramm-Leach-Blilely Act ,
Personally Identifiable Information ,
Settlement Agreements ,
Unfair or Deceptive Trade Practices
The Federal Trade Commission (“FTC”), the Consumer Financial Protection Bureau, and 50 U.S. states and territories, have reached a global settlement agreement with Equifax Inc. (“Equifax”), according to which, Equifax agreed...more
7/31/2019
/ Civil Penalty Fund ,
Consumer Financial Protection Bureau (CFPB) ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Equifax ,
Federal Trade Commission (FTC) ,
Gramm-Leach-Blilely Act ,
Personally Identifiable Information ,
Settlement Agreements ,
Unfair or Deceptive Trade Practices
According to our CCPA Countdown Clock, we are 161 days and counting to the effective date of the California Consumer Privacy Act. The Mintz Privacy team is deeply involved in working with clients on developing compliance...more
Welcome to July. While the California Consumer Protection Act (“CCPA”) is certainly one of the most important pieces of privacy legislation affecting many businesses today, we want to remind our readers of another California...more
7/2/2019
/ Artificial Intelligence ,
Bots ,
Business & Professions Code ,
Disclosure Requirements ,
False Advertising ,
Goods or Services ,
Internet of Things ,
Safe Harbors ,
Telecommunications ,
VoIP ,
Website Owner Liability
Get ready: October 1, 2019 is the new date for many U.S. businesses to begin providing consumers the right to opt-out of the sale of their personal information. While January 1, 2020 was the date upon which many businesses...more
Office Depot and its tech support provider, Support.com, proved to be anything but “supportive” after allegedly providing false malware scan results and conning customers into paying for repairs and technical services that,...more
Significant changes to the Massachusetts data breach notification law take effect on April 11, 2019. You can view the amendment here. If you haven’t looked at your written information security plan, or WISP, in a while, now’s...more