New York has enacted the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) to amend the state’s data breach notification law to impose more expansive data security and data breach notification requirements on...more
Possibly adding to the list of states that have updated their privacy and breach notification laws this year, the Illinois legislature passed Senate Bill 1624 which would update the state’s current breach notification law to...more
The California Consumer Privacy Act (CCPA), which goes into effect January 1, 2020, is considered the most robust state privacy law in the United States. The CCPA seems to have spurred a flood of similar legislative proposals...more
The California Consumer Privacy Act (CCPA), which goes into effect January 1, 2020, is considered the most robust state privacy law in the United States. The CCPA seems to have spurred a flood of similar legislative proposals...more
The California Senate Appropriations Committee recently blocked a bill that would expand a private right of action under the California Consumer Privacy Act (CCPA). As we reported, in late February, California Attorney...more
California keeps making privacy headlines for its trailblazing California Consumer Privacy Act (“CCPA”), set to take effect January 1, 2020, but there is another set of privacy bills making its way through the California...more
Wrongful use of retirement plan participant data was among the claims made by a class of 40,000 participants against the plan sponsor and others in Cassell et al. v. Vanderbilt University et al. Specifically, the plan...more
Ever since the California Consumer Privacy Act (CCPA) was enacted in June of 2018 it has been in a constant state of revision. First, in September of 2018, Governor Jerry Brown signed into law Senate Bill 1121, which helped...more
5/3/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Right to Delete
How will the California Consumer Protection Act (CCPA) apply to us? This is a question 0rganizations have asked since the CCPA was first proposed. There remains a number of important questions about the scope of the Golden...more
The much-anticipated amendment to North Carolina’s data breach notification law that we reported on earlier this year (see here) has finally been introduced to the state’s General Assembly. The bill entitled, an Act...more
It was looking like Washington state would be the first state to follow the California Consumer Privacy Act (CCPA), with a GDPR-like law of its own. That effort has stalled, perhaps temporarily. However, both Washington’s...more
As we reported, in late February, California Attorney General Xavier Becerra and Senator Hannah-Beth Jackson introduced Senate Bill 561, legislation intended to strengthen and clarify the California Consumer Privacy Act...more
4/15/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Right to Delete
As reported by CBC, B.C. Pension Corporation announced a data breach involving pension plan records after discovering a box containing microfiche could not be found following a recent office move. The box contained personal...more
UPDATE: As discussed below, SB2134, as introduced, would have amended BIPA to delete the language that creates a private right of action and provide, instead, that violations resulting from the collection of biometric...more
A few weeks back a company’s watch list containing nearly 2.5 million individuals and entities considered “high-risk” for its clients was mistakenly leaked to the public. A “high-risk” entity in this circumstance was one...more
The California Consumer Privacy Act (CCPA), passed in 2018 and taking effect January 1, 2020, is considered the most expansive state privacy law in the United States, and sparked a flurry of state privacy law legislative...more
Yesterday, the U.S. Supreme Court rejected a petition for a writ of certiorari by Zappos requesting the Court to review a Ninth Circuit Court decision which allowed customers affected by a data breach to proceed with a...more
The California Consumer Privacy Act (CCPA), which goes into effect January 1, 2020, is considered the most expansive state privacy law in the United States. Organizations familiar with the European Union’s General Data...more
3/15/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Private Right of Action ,
Right to Delete
In light of several large-scale breaches of late, the New Jersey General Assembly is taking steps to enhance the state’s data breach notification requirements. In late February, Assembly Bill 3245 (AB 3245), introduced by...more
According to reports, bank customers in Australia (yes, data breach notification requirements exist down under) have been affected by “an industry-wide” data breach experienced by a third-party service provider to the banks –...more
On February 25, 2019, California Attorney General Xavier Becerra and Senator Hannah-Beth Jackson introduced Senate Bill 561, legislation intended to strengthen and clarify the California Consumer Privacy Act (CCPA), which was...more
2/26/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Right to Delete
The U.S. Supreme Court may finally weigh in on the hottest issue in data breach litigation, whether a demonstration of actual harm is required to have standing to sue. Standing to sue in a data breach class action suit,...more
Data privacy and security regulation is growing rapidly around the world, including in the United States. In addition to strengthening the requirements to secure personal data, individuals are being given an increasing array...more
1/29/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Notice Requirements ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Right to Delete
Observers of the recent changes in the Massachusetts data breach notification law likely will focus on the addition of the obligation to provide 18 months of credit monitoring following a breach involving Social Security...more
On September 23, 2018, Governor Jerry Brown signed into law SB-1121 amending certain provisions of the California Consumer Privacy Act of 2018 (CCPA) which was enacted in June of this year. As we reported previously, CCPA...more