NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
2/13/2024
/ Artificial Intelligence ,
Biometric Information ,
Biometric Information Privacy Act ,
Consumer Financial Products ,
Consumer Fraud ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
NIST ,
Personal Information ,
Personally Identifiable Information ,
Popular ,
Putative Class Actions
In recent regulatory and enforcement developments, the California Privacy Protection Agency (CPPA) proposed a regulatory framework for automated decision-making technology (ADMT) and revisions to the California Consumer...more
2/7/2024
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
COPPA ,
Cyber Attacks ,
Data Breach ,
Data Brokers ,
Data Protection ,
FCC ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
Personal Data ,
Popular ,
Reporting Requirements ,
Robocalling ,
Social Media ,
State Attorneys General ,
Vulnerability Assessments ,
Website Owner Liability
Editor’s Note: The FTC continues to crack down on privacy and cybersecurity, including issuing a new warning to tax preparation companies and entering into a consent decree with 1Health.io. VPPA and BIPA litigation continues...more
11/28/2023
/ Artificial Intelligence ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consent Order ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Final Rules ,
Financial Institutions ,
Gramm-Leach-Blilely Act ,
Motion to Dismiss ,
NIST ,
Personal Information ,
Popular ,
Privacy Policy ,
Putative Class Actions ,
Safeguards Rule ,
State Attorneys General
Editor’s Note: As the summer months come to an end, there has been no shortage of privacy news and updates. Oregon signed both a comprehensive privacy law and data broker law, and the SEC adopted new rules regarding the...more
9/15/2023
/ Biometric Information ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Fingerprints ,
Popular ,
Securities and Exchange Commission (SEC)
Generative artificial intelligence (AI) has seemingly infiltrated every aspect of corporate America, and organizations’ legal, compliance, and human resources departments are understandably struggling to keep pace with its...more
Editor’s Note: Texas, Oregon, and Delaware became the latest states to pass a comprehensive privacy bill, while the CPRA, Connecticut, and Colorado’s privacy laws came into force. In the litigation world, the FTC filed an...more
7/20/2023
/ California Privacy Rights Act (CPRA) ,
Data Breach ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Fair Credit Reporting Act (FCRA) ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Legislation ,
Personal Data ,
Popular ,
Securities and Exchange Commission (SEC) ,
Small Business ,
State Data Privacy Laws
Editor’s Note: Montana became the latest state to pass a comprehensive privacy bill, joining California, Virginia, Colorado, Connecticut, Utah, and Tennessee. Florida, too, passed a privacy bill, but with a much narrower...more
6/21/2023
/ Biometric Information ,
Consumer Privacy Rights ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
New Legislation ,
Popular ,
Regulatory Reform ,
State Data Privacy Laws
Editor’s Note: Indiana became the latest state to enact a comprehensive privacy law, with Montana and Tennessee close behind. Washington passed sweeping legislation — the My Health My Data Act — which included a private right...more
Editor’s Note: Iowa became the sixth state in the nation to enact a comprehensive privacy law, and California’s latest privacy regulations came into effect. At the federal level, Congress experienced a leak of sensitive...more
Editor’s Note: The U.S. Marshals Service suffered a data breach, demonstrating that no one is immune from such an occurrence. In regulatory news, government agencies remained focused on privacy, as the SEC proposed amendments...more
Editor’s Note: The California Privacy Protection Agency released amendments to its draft regulations, and the Consumer Finance Protection Bureau contemplates rulemaking on sharing financial data. In U.S. litigation, the first...more
Editor’s Note: In the U.S. laws and regulation space, the White House is focusing on privacy, evident through its session on accountability for big tech and the recent executive order highlighting cybersecurity risks....more
10/18/2022
/ Biometric Information ,
Biometric Information Privacy Act ,
CFIUS ,
COPPA ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
GAO ,
Popular ,
Proposed Regulation
On July 29, New York State’s Department of Financial Services (NYDFS) released draft amendments (Draft Amendments) to its Part 500 Cybersecurity Regulation for financial service companies that, among others things: (1)...more
On August 11, the Consumer Financial Protection Bureau (CFPB) published a circular, answering the question “Can entities violate the prohibition on unfair acts or practices in the Consumer Financial Protection Act (CFPA) when...more
Editor’s Note: In the U.S. laws and regulation space, federal lawmakers continued to push the American Data Privacy and Protection Act forward, and the FTC pledged to enforce the law against the illegal use of highly...more
Background on the PIPL Security Assessment. On July 7, China’s top regulator, the Cyberspace Administration of China (CAC), released the final version of the Measures for Security Assessment of Data Exports (Security...more
Editor’s Note: In the U.S. laws and regulation space, federal lawmakers formally introduced bipartisan comprehensive federal privacy legislation titled, the American Data Privacy and Protection Act. Meanwhile, California...more
Introduction -
On April 29, Aerojet Rocketdyne Holdings Inc. (Aerojet) settled claims by whistleblower Brain Markus for a reported $9 million after the second day of a jury trial. This is the second recent settlement under...more
Creation of CyTech. On May 9, the National Association of Attorneys General (NAAG) announced the creation of the NAAG Center on Cyber and Technology (CyTech), joining a number of other centers focused upon key issues for...more
On April 28, the Connecticut House passed Senate Bill 6, an act concerning personal data privacy and online monitoring (SB 6 or Connecticut Act). The Senate unanimously passed SB 6 on April 20, and is now currently under...more