The advocacy group, Californians For Consumer Privacy, has qualified the California Privacy Rights Act (CPRA) for the November 2020 ballot. The required number of signatures was verified by the California Secretary of State,...more
Republican members of the Senate Commerce, Science and Transportation Committee formally introduced legislation on May 7, 2020, to give Americans more control over and insight into how their personal health, proximity and...more
5/12/2020
/ Consumer Privacy Rights ,
Contact Tracing ,
Data Collection ,
Data Privacy ,
Data Protection ,
Employee Privacy Rights ,
Geological Data ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Legislation ,
Public Health Emergency
Akin Gump cybersecurity, privacy and data protection co-heads Natasha Kohne and Michelle Reed discuss the California Consumer Privacy Act and its implications for business in this episode recorded in mid-March....more
In what is being called a breakthrough in the use of facial recognition technology, the state of Washington enacted a new law establishing parameters for the technology’s use by state and local governments on Tuesday, March...more
The California Attorney General’s Office is going forward with the enforcement of the California Consumer Privacy Act (CCPA) despite the logistical issues caused by COVID-19. An advisor to Attorney General Becerra made a...more
- The California Attorney General Office (AGO) issued revised proposed regulations (Version 2) regarding the California Consumer Privacy Act on February 7, 2020. The AGO will collect comments on the revised regulations until...more
2/21/2020
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Notice Requirements ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Policy ,
Proposed Regulation ,
Public Comment ,
Right to Delete ,
Right To Know ,
State Attorneys General
- The Washington state Senate has passed its version of a consumer data privacy bill as state lawmakers debate proposed legislation for the Washington Privacy Act, the state’s first data privacy law.
- In their own bill,...more
2/19/2020
/ Consumer Privacy Rights ,
Corporate Counsel ,
Customer-Loyalty Programs ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Facial Recognition Technology ,
Legislative Agendas ,
Opt-Outs ,
Personally Identifiable Information ,
Preemption ,
Privacy Legislation ,
Private Right of Action ,
Proposed Legislation ,
Right to Delete ,
Right-To-Access
On Tuesday, November 26, Sen. Maria Cantwell (D-WA), Ranking Member of the Senate Commerce, Science, and Transportation Committee, introduced the Consumer Online Privacy Rights Act. The bill notably contains a private right...more
Key Points -
- The Online Privacy Act was introduced in the House of Representatives. If passed, it would establish individual privacy rights related to personal information.
- The Filter Bubble Transparency Act was...more
11/8/2019
/ Covered Entities ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
New Legislation ,
Online Platforms ,
Personal Data ,
Personal Information ,
Privacy Laws
With the expansion of privacy legislation—from the General Data Protection Regulation (GDPR) in Europe to the coming California Consumer Privacy Act (CCPA) in the United States—cyber liability insurance is taking on increased...more
11/4/2019
/ California Consumer Privacy Act (CCPA) ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Denial of Insurance Coverage ,
Incident Response Plans ,
Insurance Contracts ,
Insurance Litigation ,
Liability Insurance ,
Litigation Fees & Costs ,
Policies and Procedures ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Risk Mitigation ,
Third-Party Liability
• The Draft Regulations introduced by the California Attorney General’s Office on October 10, 2019 are subject to a public comment period and public hearings that will close on December 6, 2019. Now is the time to act to try...more
10/29/2019
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Proposed Regulation ,
Public Comment ,
Right to Delete ,
Right To Know ,
State Attorneys General
California Governor Gavin Newsom concluded the 2019 legislative session this month by signing into law a number of privacy bills that amend or build on the landmark California Consumer Privacy Act (CCPA). CCPA amendments were...more
Attorney General Becerra held a press conference on October 10th, 2019, and announced the release of proposed regulations concerning the California Consumer Privacy Act (CCPA). He stressed that privacy is an inalienable right...more
10/14/2019
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Public Comment ,
State Attorneys General
Alastair Mactaggart, the real estate developer who led the push for the California Consumer Privacy Act (CCPA), is at it again. Mactaggart and his organization, Californians for Consumer Privacy, have submitted a new ballot...more
9/27/2019
/ Algorithms ,
Ballot Measures ,
California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Public Comment ,
State Agencies
• The California Consumer Privacy Act (CCPA) goes into effect on January 1, 2020. The window of opportunity to pass federal privacy legislation to preempt the CCPA in the 116th Congress is rapidly closing.
• Discussions are...more
9/26/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Preemption ,
Privacy Laws ,
Private Right of Action
On May 29, 2019, Nevada’s governor approved a new privacy law, Senate Bill 220 (“SB 220”). SB 220 amends existing state law that requires operators of websites and online services (“Operators”) to post privacy notices on...more
9/12/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Rights ,
Data Security ,
Data Use Policies ,
New Legislation ,
Online Platforms ,
Operators ,
Opt-Outs ,
Permanent Injunctions ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Private Right of Action ,
State Data Privacy Laws ,
Statutory Penalties ,
Third-Party Service Provider ,
Websites
On September 4, 2019, the Federal Trade Commission (FTC or the “Commission”) announced a settlement with YouTube and its parent Google that resolves allegations that the companies violated the Children’s Online Privacy...more
9/10/2019
/ COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Google ,
Mobile Apps ,
Online Safety for Children ,
Parental Consent ,
Personally Identifiable Information ,
Privacy Policy ,
Settlement ,
Settlement Offer ,
Statutory Penalties ,
Statutory Violations ,
Website Owner Liability ,
Websites ,
YouTube
On August 1, 2019, Bahrain’s Personal Data Protection Law (PDPL) (Law No. (30) of 2018) took effect. The PDPL aims to align Bahrain’s data protection framework more closely with global best practices and regulates the...more
8/21/2019
/ Bahrain ,
Best Practices ,
Civil Liability ,
Criminal Liability ,
Criminal Penalties ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
International Data Transfers ,
New Legislation ,
Personally Identifiable Information ,
Written Consent
Data protection authorities (DPAs) in the European Union (EU) continue to scrutinize practices in the adtech sector for compliance with the EU’s General Data Protection Regulation (GDPR) and local data protection and...more
8/6/2019
/ Cookies ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Subjects Rights ,
Data Use Policies ,
Electronic Communications ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Marketing ,
Notice Requirements ,
Online Advertisements ,
Personal Data ,
Popular
• New York recently enacted the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which expands data breach notification requirements and imposes new data security obligations on businesses that own, license or,...more
8/5/2019
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Governor Cuomo ,
HIPAA Breach ,
New Legislation ,
Personally Identifiable Information ,
Popular ,
SHIELD Act ,
State Data Breach Notification Statutes
As the privacy debate heats up on Capitol Hill, Rep. Anna Eshoo (D-CA), a senior member of the House Energy and Commerce Committee, and Rep. Zoe Lofgren (D-CA), a senior member of the House Judiciary Committee—both of Silicon...more
• May 31, 2019, was the deadline for the California Legislature to pass bills out of the chamber in which they were introduced. Several measures proposing amendments to the California Consumer Privacy Act (CCPA) passed the...more
6/5/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Amendments
A year ago, on May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into force. With its extraterritorial scope and detailed requirements, the GDPR aimed to change the approach to personal data...more
5/31/2019
/ Consent ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Data Subjects Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular ,
Regulatory Oversight ,
Regulatory Standards ,
Telemarketing
• The SEC released a Risk Alert summarizing key areas in which it continues to see compliance deficiencies related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment...more
4/29/2019
/ Broker-Dealer ,
Customer Information ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Employee Training ,
Incident Response Plans ,
Investment Adviser ,
Notice Requirements ,
OCIE ,
Opt-Outs ,
Personally Identifiable Information ,
Policies and Procedures ,
Popular ,
Privacy Policy ,
Regulation S-P ,
Risk Alert ,
Safeguards Rule ,
Securities and Exchange Commission (SEC) ,
Vendors
The EU General Data Protection Regulation (GDPR), which revised and sought to ensure greater harmonization of the European Union’s data protection framework, took effect in May 2018. Among the changes it introduced was the...more
2/21/2019
/ Cybersecurity ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Data Subjects Rights ,
EU ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
Goods or Services ,
International Data Transfers ,
Proposed Guidance