State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
On January 23, 2025, PayPal settled an enforcement action brought by the New York State Department of Financial Services (NY DFS) for failing to comply with cybersecurity regulations required for financial services businesses...more
On December 24, 2024, New York Governor Kathy Hochul signed into law amendments to New York’s private-sector data breach notification law (General Business Law § 899-aa) and government agency data breach notification law (New...more
Class actions arising from data breach represented the fastest growing segment of class action filings. In 2023, more than 2000 class actions were filed, more than triple the amount filed in 2022. These cases were filed in...more
In 2021, the U.S. Department of Labor (DOL) issued 3 documents outlining guidance on cybersecurity practices for benefits plans, which we discussed in a blog post at the time. The DOL recently issued revised versions of the...more
The U.S. cybersecurity and data privacy law framework continues to evolve and expand rapidly. Here, we share a summary of the eight new state data privacy and security laws that will take effect in 2024 and 2025. Businesses...more
The Third Circuit Court of Appeals has given new life to a putative class action suit led by a former employee of a company that suffered a ransomware attack, leading to her sensitive information being released onto the Dark...more
Keypoint: The chances for the United States to finally enact a federal privacy bill appear to have increased with the circulation of a bipartisan discussion draft although its chances for passage are far from clear....more
The U.S. Securities and Exchange Commission (SEC) has launched a stunning salvo across the bows of public companies with its announcement of civil monetary penalties and a cease-and-desist order against First American...more
Since the passage of the CCPA in 2018, there has been a flurry of proposed state laws aimed at regulating the areas of cybersecurity and data privacy in the absence of federal comprehensive legislation. Additionally, there...more
The California Privacy Rights Act (CPRA) expands the definition of personal information as it currently exists in the California Consumer Privacy Act (CCPA). The CPRA adds “sensitive personal information” as a defined term,...more
On November 3, 2020, California voters passed Proposition 24, the California Privacy Rights Act (CPRA), by approximately 56-44%. This act will amend and supersede the still recent California Consumer Privacy Act (CCPA), once...more