Two new Chinese laws dealing with data security and privacy came into force in the fall of 2021 that are likely to have an impact on many multinational companies operating in China or whose operations touch China. These two...more
11/4/2021
/ Algorithms ,
Artificial Intelligence ,
China ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
International Data Transfers ,
Personal Information ,
Personal Information Protection Law (PIPL)
In this month’s edition of our Privacy & Cybersecurity Update, we examine the FTC’s changes to the Gramm-Leach-Bliley Act’s Safeguards Rule and the CFPB’s order requiring six tech companies to disclose information regarding...more
11/2/2021
/ Consumer Financial Protection Bureau (CFPB) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
GEICO ,
Gramm-Leach-Blilely Act ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Multidistrict Litigation ,
Putative Class Actions ,
Safeguards Rule
In this month’s edition of our Privacy & Cybersecurity Update, we examine the California Privacy Protection Agency's public comment period for the California Privacy Rights Act, the U.K. government's public consultation...more
10/4/2021
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Fourth Amendment ,
General Data Protection Regulation (GDPR) ,
Office of Foreign Assets Control (OFAC) ,
Personal Information ,
Public Comment ,
Surveillance
In this month’s edition of our Privacy & Cybersecurity Update, we examine cybersecurity guidance issued by New York state, and the Cybersecurity and Infrastructure Security Agency’s new “Bad Practices” website outlining what...more
8/3/2021
/ Best Practices ,
California Consumer Privacy Act (CCPA) ,
COPPA ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NYDFS ,
Popular ,
Ransomware
In this month's edition of our Privacy & Cybersecurity Update, we examine the Second Circuit's ruling allowing standing for increased risk of identity theft following a data breach, the European Commission's recently released...more
5/3/2021
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Labor (DOL) ,
EBSA ,
EU ,
European Commission ,
IN Supreme Court ,
Ransomware
In this month’s edition, we examine California’s new regulations enhancing opt-out rights in the California Consumer Privacy Act and the state's selections for the California Privacy Protection Agency’s inaugural board. We...more
4/2/2021
/ California Consumer Privacy Act (CCPA) ,
Commercial General Liability Policies ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
FDCPA ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Opt-Outs ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
State Attorneys General ,
State Privacy Laws ,
TCPA
On March 2, 2021, Virginia Gov. Ralph Northam signed into law the Virginia Consumer Data Protection Act (CDPA), making Virginia the second state after California to enact comprehensive privacy legislation. The CDPA will...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the New York Department of Financial Services' issuance of the first-ever cyber insurance risk guidance framework, the Eleventh Circuit's ruling...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
2/4/2021
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Digital Services ,
Draft Guidance ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
NIST ,
Popular ,
Privacy Policy
In this month’s edition of our Privacy & Cybersecurity Update, we examine the passage of the ballot initiative that enacts the California Privacy Rights Act, the U.K. Information Commissioner’s Office’s final guidance on data...more
12/2/2020
/ Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
In this month's edition of our Privacy & Cybersecurity Update, we examine the National Institute of Standards and Technology's four principles of the "explainability" of artificial intelligence and the U.K. Information...more
9/1/2020
/ Anti-Drone Technology ,
Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Drones ,
EU-US Privacy Shield ,
FCC ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Final Rules ,
International Data Transfers ,
NIST ,
Office of Administrative Law ,
Personal Information ,
Popular ,
Privacy Laws ,
Risk Mitigation ,
UK ,
UK ICO
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
8/6/2020
/ Automotive Industry ,
Binding Corporate Rules ,
Broadband Privacy Rules ,
Connected Cars ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Economic Loss Doctrine ,
Enforcement Actions ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
First Amendment ,
Free Speech ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Insurance Industry ,
International Data Transfers ,
Internet Service Providers (ISPs) ,
Misrepresentation ,
Negligence ,
NYDFS ,
Online Platforms ,
P2B ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Schrems I & Schrems II ,
Security Breach ,
Standard Contractual Clauses ,
U.S. Commerce Department ,
UK ,
UK Data Protection Act ,
United Nations
In this month's edition of our Privacy & Cybersecurity Update, we examine the California attorney general's final regulations for the California Consumer Privacy Act and a ruling by the Indiana Court of Appeals involving...more
7/6/2020
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Constitutional Challenges ,
Consumer Fraud ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
EU ,
Popular ,
Privacy Laws ,
Ransomware
In this month's edition, we examine the California attorney general's proposed modified regulations under the CCPA, the Treasury Department's new CFIUS regulations, and the SEC Office of Compliance Inspections and...more
3/3/2020
/ BPCIA ,
Business Losses ,
California Consumer Privacy Act (CCPA) ,
CFIUS ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
Foreign Investment ,
OCIE ,
Popular ,
Privacy Laws ,
Ransomware ,
Risk Mitigation ,
Securities and Exchange Commission (SEC) ,
Standing ,
State Privacy Laws ,
U.S. Treasury ,
UK ICO
In this month's edition of our Privacy & Cybersecurity Update, we examine the EU advocate general's decision in Schrems II, a federal court's ruling that an insurer owed coverage for a social engineering loss, the Chinese...more
2/6/2020
/ Advocate General ,
China ,
Cybersecurity ,
Cybersecurity Framework ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
GA Supreme Court ,
Hackers ,
Mobile Apps ,
Negligence ,
NIST ,
Personal Data ,
Popular ,
Ransomware ,
Schrems I & Schrems II
In this month's edition of our Privacy & Cybersecurity Update, we examine new cybersecurity legislation in California and Massachusetts, the British government's updates to its cybersecurity laws in anticipation of Brexit and...more
4/2/2019
/ California Consumer Privacy Act (CCPA) ,
Class Action ,
Class Certification ,
Credit Reporting Agencies ,
Credit Reports ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Gramm-Leach-Blilely Act ,
Popular ,
Privacy Laws ,
Public Comment ,
State Data Breach Notification Statutes ,
Thailand ,
UK ,
UK Brexit
California recently enacted the Consumer Privacy Act, the most stringent privacy law in the United States. Although it does not go into effect until January 1, 2020, most companies will need a number of months to prepare. The...more
3/22/2019
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Covered Entities ,
Data Collection ,
Data Privacy ,
Disclosure Requirements ,
Exceptions ,
Exemptions ,
Legitimate Business Purpose ,
Non-Discrimination Rules ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Private Right of Action ,
Research and Development ,
Resident's Rights ,
Right to Delete ,
Right-To-Access ,
Sales Restrictions ,
Training Requirements
While debates about the need for a federal data protection law continued to heat up in 2018, California enacted its own comprehensive privacy law, the California Consumer Privacy Act (CCPA), creating a de facto national...more
In this month's edition of our Privacy & Cybersecurity Update, we examine modifications to New York state's proposed cybersecurity regulations for financial institutions, a 5th Circuit ruling that a phishing scam is not...more
1/4/2017
/ Banks ,
Commercial Crime Insurance Polices ,
Consumer Insurance Products ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Department of Financial Services ,
FCC ,
Home Depot ,
Internet of Things ,
Phishing Scams ,
Privacy Laws ,
Trump Administration ,
U.S. Treasury
Entering 2016, the relentless stream of cyberattacks continues unabated, having become a "business as usual" reality to which companies must adapt. All companies, regardless of size or industry, are potential targets, and the...more
1/21/2016
/ Administrative Authority ,
Class Action ,
Cybersecurity ,
Data Privacy ,
EU ,
EU Data Protection Laws ,
Federal Trade Commission (FTC) ,
FTC Act ,
General Data Protection Regulation (GDPR) ,
Incident Response Plans ,
Information Sharing ,
Injury-in-Fact ,
LabMD ,
OCIE ,
Privacy Laws ,
Risk Assessment ,
Section 5 ,
Securities and Exchange Commission (SEC) ,
Third-Party Release Agrements ,
US-EU Safe Harbor Framework ,
Vendors ,
Wyndham
In This Issue:
- DOJ Issues Cyber Preparation and Response Guidance
- RadioShack’s Plan to Auction Customer Data Highlights Issues Over Treatment of Such Data as an Asset
- Google v. Vidal-Hall and...more
5/3/2015
/ Commercial Bankruptcy ,
Customer Lists ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Department of Justice (DOJ) ,
FCC ,
Financial Services Authority ,
Google ,
Hulu ,
Information Sharing ,
NAIC ,
Popular ,
RadioShack ,
Third-Party ,
Video Privacy Protection Act