California Privacy Protection Agency Releases Revised Regulations -
With the effective date less than three months away, and ahead of a Board Meeting on October 28 and 29, the California Privacy Protection Agency released...more
10/24/2022
/ Biometric Information Privacy Act ,
California ,
California Privacy Rights Act (CPRA) ,
Colorado ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Privacy ,
Data Protection ,
EU ,
European Commission ,
Executive Orders ,
General Data Protection Regulation (GDPR) ,
Interactive Advertising Bureau ,
Internet of Things ,
Joe Biden ,
National Security ,
NIST ,
Online Safety for Children ,
PIPEDA ,
Popular ,
Privacy Framework ,
Privacy Laws ,
Ransomware ,
Schrems I & Schrems II ,
Sensitive Personal Information
CPPA Amends Draft CPRA Regulations & Announces Public Comment Dates -
The California Privacy Protection Agency (CPPA) has announced amendments to the California Privacy Rights Act proposed regulations, which primarily...more
7/13/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Cookies ,
Data Breach ,
Data Brokers ,
Data Protection ,
Department of Justice (DOJ) ,
Enforcement ,
Federal Trade Commission (FTC) ,
FTC Act ,
General Data Protection Regulation (GDPR) ,
Metaverse ,
New Regulations ,
Privacy Laws ,
Rulemaking Process
As more states enact their own privacy laws, members of the privacy community and those impacted by privacy legislation continue to push for uniformity. The American Data Privacy and Protection Act (ADPPA) addresses this...more
7/6/2022
/ Biometric Information Privacy Act ,
Breach Notification Rule ,
California Consumer Privacy Act (CCPA) ,
Chief Privacy Officer ,
Communications Act of 1934 ,
Consumer Privacy Rights ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Data Privacy ,
Federal Trade Commission (FTC) ,
Online Safety for Children
California Privacy Protection Agency Releases Draft CPRA Regulations -
The California Privacy Protection Agency (CPPA) just released proposed California Privacy Rights Act (CPRA) regulations. The regulations expand...more
6/8/2022
/ Artificial Intelligence ,
Biometric Information ,
California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CNIL ,
Cyber Crimes ,
Data Breach ,
Data Security ,
Department of Justice (DOJ) ,
Employment Discrimination ,
Equal Employment Opportunity Commission (EEOC) ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Hiring & Firing ,
Job Applicants ,
Personal Information ,
Privacy Laws ,
Schrems I & Schrems II
US News -
Utah Will Soon Publish US’s Latest Comprehensive State Privacy Law -
The Utah Consumer Privacy Act, also known as Senate Bill 227, recently cleared the Senate and the House. Though there are a few more steps...more
3/11/2022
/ Biometric Information Privacy Act ,
California Privacy Rights Act (CPRA) ,
Class Action ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Dismissals ,
Enforcement ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
India ,
New Legislation ,
Oman ,
Popular ,
Privacy Laws ,
Proposed Regulation ,
Settlement ,
State and Local Government ,
State Privacy Laws ,
Wiretapping ,
Workers Compensation Act
FTC Warns Companies to Remediate Log4j Security Vulnerability -
Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a...more
1/19/2022
/ Apple ,
Audits ,
CNIL ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Department of Defense (DOD) ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
GAO ,
General Data Protection Regulation (GDPR) ,
Opt-Outs
Best Practices for the Virginia Consumer Data Protection Act -
The Virginia Consumer Data Protection Act (VCDA) Working Group of the Joint Commission on Technology and Science released its final report on best practices...more
12/10/2021
/ CDPA ,
CNIL ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Privacy Rights ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Privacy ,
Data Security ,
Employee Monitoring ,
Enforcement Actions ,
ENISA ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
Fair Credit Reporting Act (FCRA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Privacy Laws ,
Ransomware ,
UNESCO ,
Virginia
FCC Seeks Public Comment on the Current and Future Regulation of the “Internet of Things” -
The FCC is requesting public comment in a proceeding that will help determine the scope and nature of regulation of the “Internet of...more
10/13/2021
/ Artificial Intelligence ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection Impact Assessments (DPIAs) ,
Enforcement Actions ,
FCC ,
General Data Protection Regulation (GDPR) ,
Hacking Back ,
Internet of Things ,
Malware ,
Mobile Apps ,
NIST ,
Notice of Proposed Rulemaking (NOPR) ,
Opt-Outs ,
Popular ,
Public Comment ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
Settlement ,
Software
Second Circuit Denies Settlement of Data Breach Case Due to Lack of Standing -
As we previously reported, in April 2021, the Second Circuit became the latest federal circuit to hold that an individual may establish Article...more
9/23/2021
/ Arbitration ,
Article III ,
Biometric Information ,
Biometric Information Privacy Act ,
California ,
Class Action ,
Data Breach ,
Data Privacy ,
Data Protection ,
Declaratory Judgments ,
Health Care Providers ,
IL Supreme Court ,
Negligence ,
Pipelines ,
Putative Class Actions ,
Ransomware ,
Settlement ,
Standing ,
Unfair Competition ,
Unfair Competition Law (UCL) ,
Virtual Private Networks
In Blackbaud Inc. Customer Data Security Breach Litigation, No. 3:20-mn-02972 (D.S.C. Aug. 12, 2021), a federal judge found that defendant, Blackbaud Inc. was subject to the CCPA despite its motion to dismiss asserting that...more
9/22/2021
/ California ,
California Consumer Privacy Act (CCPA) ,
China ,
Class Action ,
COPPA ,
Cyber Attacks ,
Data Breach ,
Data Collection ,
Enforcement Actions ,
EU ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Information Protection Law (PIPL) ,
Securities and Exchange Commission (SEC) ,
Settlement ,
Standard Contractual Clauses ,
UK
The Middle District of Pennsylvania recently rejected arguments that a report created in response to a data breach was protected as work-product and/or under attorney-client privilege because:
The report’s Statement of Work...more
US Department of Homeland Security Publishes Strategic Plan on Artificial Intelligence -
The Dep’t of Homeland (DHS) Security Science and Technology Directorate recently published its Artificial Intelligence & Machine...more
8/18/2021
/ Analytics ,
Artificial Intelligence ,
Biometric Information ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Department of Homeland Security (DHS) ,
Department of Labor (DOL) ,
Employee Retirement Income Security Act (ERISA) ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Popular ,
Risk Mitigation ,
Wiretapping
Crippling data breaches and sophisticated ransomware attacks are increasingly common threats to modern businesses. Ransomware attacks can not only target confidential company data and data collected from customers but...more
6/14/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Malware ,
Ransomware
In April 2021, the Second Circuit issued a decision recognizing an increased risk of future, unrealized identity theft or fraud as a basis for establishing Article III standing.
Background -
The case, McMorris v. Carlos...more
The California Consumer Privacy Act (CCPA), the landmark privacy law making waves since taking effect earlier this year, has continued to evolve as legislators and the California Office of the Attorney General refine and...more
Important information for brand protection, including recent Arent Fox News on advertising and marketing issues, as well as headlines that matter for privacy and data security.
FTC Investigates Financial Products Review Site...more
3/13/2020
/ Advertising ,
Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Consumer Financial Products ,
Data Breach ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
FTC Endorsement Guidelines ,
Information Commissioner's Office (ICO) ,
NARB ,
NIST ,
Personal Data ,
Popular
As security risks continue to be at the forefront of legislators’ agendas across the country, New York has joined the growing roster of states pressing businesses to develop more robust breach procedures. Originally proposed...more
10/16/2019
/ Biometric Information ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
New Legislation ,
Personal Data ,
Personal Information ,
Security and Privacy Controls ,
SHIELD Act ,
State Data Breach Notification Statutes
Inside the Privacy Shield Annual Review -
Dozens of senior US and EU government officials were joined by officials from data protection authorities in Austria, Bulgaria, France, Germany and Hungary to discuss whether the...more
10/9/2019
/ Audio Recording ,
California Consumer Privacy Act (CCPA) ,
Credit Cards ,
Data Breach ,
Data Collection ,
Data Protection Authority ,
Email ,
Enforcement Actions ,
Equifax ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Hackers ,
Identity Theft ,
Personal Information ,
Popular ,
Schrems I & Schrems II ,
Settlement ,
Software ,
Spam ,
Technology Sector ,
UK ,
UK Employment Appeal Tribunal ,
Unfair Dismissal
Delta Sues Software Provider Over Data Breach -
Delta Airlines sued its customer service chat provider, [24]7.ai Inc., in New York federal court accusing it of lax digital security practices that allowed a hacker to steal...more
9/12/2019
/ California Consumer Privacy Act (CCPA) ,
Canada ,
Consent Order ,
Data Breach ,
Delta Airlines ,
Email ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Popular ,
Settlement ,
Software ,
Statutory Violations ,
Swiss Privacy Shield ,
Third-Party Service Provider ,
UK Employment Appeal Tribunal ,
Video Recordings ,
WISP
Equifax to Pay up to $700 Million as Part of Settlement for 2017 Data Breach -
Equifax has agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement with the FTC, the CFPB, and...more
8/13/2019
/ Amended Regulation ,
Brazil ,
California Consumer Privacy Act (CCPA) ,
Canada ,
Capital One ,
Comment Period ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Privacy Rights ,
COPPA ,
Data Breach ,
Equifax ,
EU ,
Federal Trade Commission (FTC) ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Proposed Amendments ,
Public Hearing ,
Security and Privacy Controls ,
Settlement ,
Websites
Federal US News -
FTC Takes Action Against Companies Falsely Claiming Compliance With International Privacy Agreements -
The FTC reached a settlement with a background screening company over allegations it falsely claimed...more
7/16/2019
/ Accreditation ,
Advertising ,
Annual Reports ,
Asia Pacific ,
Automotive Industry ,
California Consumer Privacy Act (CCPA) ,
Code of Conduct ,
Consumer Information ,
Consumer Privacy Rights ,
Cookies ,
Cross-Border Transactions ,
Cybersecurity ,
Data Breach ,
Data Security ,
Enforcement Actions ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
False Statements ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Internet Service Providers (ISPs) ,
Legal Representatives ,
New Rules ,
NIST ,
Popular ,
Prior Express Consent ,
Privacy Laws ,
Private Right of Action ,
Proposed Legislation ,
Right of Access ,
Right to Be Forgotten ,
Right to Control ,
Settlement ,
State Legislatures ,
Targeted Digital Advertising ,
Third-Party Service Provider ,
UK ,
UK ICO
The Federal Trade Commission (FTC) recently released updated data security guidance in connection with a proposed settlement with LightYear Dealer Technologies, LLC (dba DealerBuilt), a service provider for the auto dealer...more
6/26/2019
/ Automotive Industry ,
Car Dealerships ,
Data Breach ,
Data Security ,
Data Storage ,
Electronically Stored Information ,
Encryption ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Gramm-Leach-Blilely Act ,
Personally Identifiable Information ,
Settlement ,
Third-Party Service Provider ,
Unfair or Deceptive Trade Practices