On Oct. 17 and again on Nov. 3, the California Privacy Protection Agency, or CPPA, modified the text of the proposed regulations implementing the California Privacy Rights Act, or CPRA.
Originally published in Law360 on...more
A thesis statement for this month's Cyber Capsule might be "You're Doing It Wrong." Whether it's easily guessable passwords, manipulated URLs, or waiting longer than prudent to report a data breach, most of our items look at...more
Please find our eighth edition of the Cyber Capsule. In this edition, we discuss a brazen botnet, steps to shield the online availability of federal judges' personal information, the price of cybersecurity, and a warning...more
In this episode of Unauthorized Access, Kamran and Sadia are joined by Redpoint Cybersecurity VP of Client Engagement Violet Sullivan. The three cyber experts discuss board level buy-in and how to make sure the board is...more
It is 2022, which means you’ve received your fair share of consumer breach notification letters.
Originally published in Law360 on September 30, 2022....more
Please join Consumer Financial Services Partner Chris Willis and his colleagues Privacy + Cyber Associate Sadia Mirza and Privacy + Cyber Partner Kamran Salour as they discuss phishing. Kamran and Sadia break down what...more
According to the Verizon Wireless 2022 Data Breach Investigations Report, there are four prominent paths that threat actors use to gain unauthorized access into an organization’s network...
Originally published in Law360 on...more
In this episode of Unauthorized Access, Kamran and Sadia welcome their firm colleague, Privacy + Cyber Partner and Team Leader Ron Raether, in a discussion on consumer breach notices — specifically from Ron's perspective as a...more
Welcome to the sixth edition of the Cyber Capsule. This edition focuses on protecting judges’ personal information; an uptick in phishing; a regulatory decision and a judicial opinion, each of which may impact how companies...more
For nearly 20 years, October has served as Cybersecurity Awareness Month. To highlight the importance of being cyber ready, we will release weekly tricks and treats as part of this four-part series to make your business more...more
The holiday season is around the corner. For most of us, it is a time of joy, cheer, excitement, and hopefully some relaxation. For cyber criminals, however, this is the busy season (same goes for Santa and his elves).
...more
Can cyber investigations be canned? Find out what Sadia, Kamran, and this month’s guest, Shawn Tuma of Spencer Fane, have to say. The gloves come off as these three breach coaches duke it out for the final word on this topic....more
Exemption Extensions Failed. On August 31, California's legislature ended its 2022 session without adopting legislation to extend the California Consumer Privacy Act (CCPA) employee and business-to-business (B2B) personal...more
With the notice and cure set to expire on January 1, 2023, California Attorney General Rob Bonta (CA AG) provided a glimpse at what to expect with its first settlement of alleged violations of the California Consumer Privacy...more
9/1/2022
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Privacy Laws ,
Sephora ,
Statutory Violations
In this episode of Unauthorized Access, Kamran and Sadia welcome Tony Kirtley of Secureworks. Tony discusses the emotional response to a ransomware attack, particularly how the emotional response mirrors the Kübler-Ross five...more
The California Privacy Rights Act (CPRA) established the California Privacy Protection Agency (CPPA), and requires the CPPA to adopt, amend, and rescind regulations on 22 topics — including, among other things, definitions,...more
The California Privacy Rights Action (CPRA) will significantly impact how entities process personal information requiring covered businesses to review and update their existing vendor agreements. The CPRA also includes...more
On April 28, the Connecticut House passed Senate Bill 6, an act concerning personal data privacy and online monitoring (SB 6 or Connecticut Act). The Senate unanimously passed SB 6 on April 20, and is now currently under...more
Most privacy laws derive from the same core foundational principles, namely the Fair Information Practice Principles (FIPPs). This includes the California Consumer Privacy Act of 2018 (CCPA), California Privacy Rights Act of...more
On March 24, Governor Spencer J. Cox signed the Utah Consumer Privacy Act (UCPA), making Utah the fourth state in the country to adopt a comprehensive privacy law. The UCPA is set to take effect on December 31, 2023, and this...more
Introduction As of March 22, 11 states have wrapped up their 2022 legislative sessions. In these early sessions, privacy legislation was considered in seven of the 11 states that have completed their 2022 sessions, namely...more
California Privacy Protection Agency Director Ashkan Soltani recently announced that long-awaited regulations related to the California Privacy Rights Act (CPRA) would be delayed. The agency initially scheduled a July 1...more
On February 25, the Utah Senate passed the Utah Consumer Privacy Act (the UCPA), which closely resembles both the Virginia Consumer Data Protection Act (the VCDPA) and the Colorado Privacy Act (the CPA). The House unanimously...more
On February 23, the Wisconsin House passed Assembly Bill 957 (AB 957), a bill relating to consumer data protection. This legislation is based on the Virginia Consumer Data Protection Act (VCDPA) and provides consumers with...more
On February 18, California lawmakers proposed two bills that further extend the existing employee and business-to-business (B2B) data exemptions included in the California Consumer Privacy Act and the California Privacy...more