On January 16, New Jersey Governor Phil Murphy signed S332 (the act), making New Jersey the first state in 2024 to enact a comprehensive privacy law. Several other states are currently considering similar comprehensive...more
1/26/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Information Technology ,
New Jersey ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Reform ,
State Data Privacy Laws
It is indeed a tangled regulatory web woven to potentially trap an organization in the wake of a data incident. Navigating this web can involve significant resources, time, and stress. As we discussed in part two of this...more
12/13/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Oversight ,
State Attorneys General
On October 23, an amended complaint was filed by the Connecticut Office of the Attorney General (AG), alleging that Stone Academy, a nursing school, and its owners, Joseph Bierbaum and Mark Scheinberg, used millions of...more
11/7/2023
/ Connecticut ,
Consumer Protection Laws ,
Data Privacy ,
Educational Institutions ,
Enforcement Actions ,
Health and Safety ,
Public Health ,
Regulatory Oversight ,
State Attorneys General ,
Students ,
Tuition
On October 17, 52 state and territorial attorneys general, in addition to state money transmission regulators, entered into settlements amounting to more than $20 million with ACI Worldwide (ACI), to resolve claims involving...more
10/20/2023
/ Data Breach ,
Data Privacy ,
Data Security ,
Financial Institutions ,
Financial Services Industry ,
Insufficient Funds ,
Money Transmitter ,
Mortgages ,
Payment Processors ,
Settlement ,
State Attorneys General ,
State Regulators ,
Third Party Payments ,
Unauthorized Transactions
Rutters, a prominent grocery chain in Pennsylvania with 80 locations statewide, settled a data breach investigation with Attorney General (AG) Michelle Henry’s office by agreeing to pay $1 million and to implement certain...more
10/19/2023
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Grocery Stores ,
Pennsylvania ,
Personal Information ,
Regulatory Oversight ,
State Data Breach Notification Statutes ,
State Data Privacy Laws
Government regulators are seemingly as numerous as the stars nowadays, especially in the universe of data incidents. When organizations experience a data incident, they will need to quickly assess what happened, why it...more
10/16/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
FTC Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Personally Identifiable Information ,
PHI ,
Regulatory Agencies ,
State Attorneys General
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach.
Originally published in Reuters -August 24, 2023...more
8/25/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
NIST ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Regulatory Oversight
On May 17, District of Colombia Attorney General Brian Schwalb announced the settlement of an investigation into Easy Healthcare Corporation, requiring the company to change its privacy practices involving the ovulation...more
Drawing from her experience investigating and prosecuting businesses in the aftermath of cybersecurity breaches, New York Attorney General Letitia James released a guide to help companies implement effective data security...more
In recent months, there has been an explosion of artificial intelligence tools that have given even technophobes an opportunity to test AI’s power from the comfort of their favorite web browser.
Originally published in...more
On March 15, Colorado Attorney General Phil Weiser recorded the final version of the Colorado Privacy Act (CPA) Rules, granting Coloradans rights over their own personal data. Effective July 1, the CPA marks the third state...more
On January 27, California Attorney General Rob Bonta announced an “investigative sweep” of businesses with mobile applications for allegedly failing to comply with the California Consumer Privacy Act (CCPA). This ongoing...more
In addition to a night of revelry, the 2023 new year will trigger the many new privacy mandates in the Virginia Consumer Data Protection Act (VCDPA) for businesses operating in Virginia — only the second state with active...more
Creation of CyTech. On May 9, the National Association of Attorneys General (NAAG) announced the creation of the NAAG Center on Cyber and Technology (CyTech), joining a number of other centers focused upon key issues for...more
On February 25, the Utah Senate passed the Utah Consumer Privacy Act (the UCPA), which closely resembles both the Virginia Consumer Data Protection Act (the VCDPA) and the Colorado Privacy Act (the CPA). The House unanimously...more
On December 8, Instagram CEO Adam Mosseri appeared before the Senate Subcommittee on Consumer Protection, Product Safety, and Data Security to answer questions about the social media platform’s effects on children and teens....more
Data brokers beware, the Securities Exchange Commission (SEC) has signaled increased scrutiny into the data and privacy practices of technology-enabled companies in the financial services industry. On September 14, the SEC...more