A number of private and government entities have released apps and software development kits (SDKs) relying on location tracking data to help tackle the COVID-19 pandemic. While the use of such technologies are being hotly...more
Following its 20th plenary session on April 7, the European Data Protection Board (EDPB) selected geolocation and health data to focus on in its upcoming COVID-19 guidance. This follows in response to the EDPB’s earlier broad...more
As reported earlier... FDA is taking steps to increase the availability of Personal Protective Equipment (PPE) and COVID-19 diagnostic tests, support the development of therapeutics, and facilitate remote patient access to...more
FDA is taking action every day to increase the availability of Personal Protective Equipment (PPE) and COVID-19 diagnostic tests, to support the development of therapeutics, and to facilitate remote patient access to...more
On March 11, 2020, the second set of modifications (or the third version) of the CCPA draft regulations were released. While the number of substantive changes dwindled in this version, there are a number of drafting...more
Businesses collecting personal information from New York residents will soon be expected to apply enhanced data security requirements. The New York SHIELD Act, signed into law in July 2019, expanded breach notice requirements...more
The FTC recently released its annual privacy and security report, providing a snapshot of the issues focused on in the previous year. These reports are often looked at as a signal for insights into the agency’s upcoming...more
3/5/2020
/ Annual Reports ,
Comment Period ,
COPPA ,
Data Privacy ,
Data Security ,
Enforcement Actions ,
Enforcement Statistics ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
NIST ,
Rulemaking Process
NIST recently released a final version of its Privacy Framework to incorporate public feedback in response to the draft it issued late last year. For organizations familiar with the NIST Cybersecurity Framework first released...more
On February 10, the California Attorney General’s office released a highly anticipated updated draft of the proposed CCPA regulations. This draft corrected a version first issued on February 7, 2020. These latest updates...more
The FTC recently summarized three major changes it made to its orders in data security cases. In a blog signaling these changes, the FTC Indicated that some of the things it has been requiring of companies in 2019 are here to...more
1/15/2020
/ C-Suite Executives ,
Certificates of Compliance ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Employee Training ,
Encryption ,
Federal Trade Commission (FTC) ,
Information Security ,
Internal Data Controls ,
Security Risk Assessments ,
Third-Party Liability
Many organizations are currently focused on updating their privacy policy to include content required by CCPA. While making those edits, now is a good time to take a step back and think more broadly about privacy program and...more
The Network Advertising Initiative, which provides guidance to advertisers who engage in personalized advertising, updated its Code of Conduct (2020 Code) earlier this year to address, inter alia, data collected offline and...more
January 1, 2020, organizations that employ individuals based in Illinois will need to keep in mind the Artificial Intelligence Video Interview Act. This Act sets forth new requirements for video-recorded interviews using AI...more
12/4/2019
/ Artificial Intelligence ,
Consent ,
Employer Liability Issues ,
Hiring & Firing ,
Human Resources Professionals ,
Interviews ,
Job Applicants ,
New Legislation ,
Popular ,
State Labor Laws ,
Video Recordings ,
Videoconference
The EU Commission concluded its third annual review of the EU-U.S. Privacy Shield and found that it continues to provide an adequate level of protection for EU personal data. The program was created as a mechanism to...more
The FTC recently settled with Infotrax Systems, L.C. a technology company providing software to the direct sales industry. The settlement followed a breach suffered by the company, and involved allegations the company had...more
11/21/2019
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Settlement ,
Software Developers ,
Technology Sector
Joining Vermont, California will now require data brokers to register with the California Attorney General. The law was signed October 11, 2019. It applies to companies that “knowingly” collect and sell personal information...more
10/14/2019
/ Amended Legislation ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Collection ,
E-Commerce ,
Governor Newsom ,
Privacy Laws ,
Registration Requirement ,
State Attorneys General ,
State Data Privacy Laws
The California attorney general has released draft regulations for CCPA, giving companies further guidance on a variety of topics. The regulations are in draft, and comments are due to the attorney general’s office by...more
The Sixth Circuit is the latest court to weigh in on the definition of ATDS under TCPA. The TCPA defines ATDS as equipment that has the capacity “to store or produce telephone numbers to be called, using a random or...more
Effective October 1, 2019, organizations providing health insurance and related services must notify the Maryland Insurance Administration as part of its breach notification requirements.
In August 2019, the Maryland...more