Data Security

On May 7, 2019, Governor Jay Inslee signed a bill (HB 1071) that strengthens the state’s existing data breach notification law by expanding the definition of “personal information” and reducing the time an entity has to...

Read More →

The Death Knell for Class Arbitration?

May 6, 2019 | 0 Comments

On April 24, 2019, the U.S. Supreme Court held in Lamps Plus v. Varela that under the Federal Arbitration Act (“FAA”), class arbitration is only permitted when explicitly provided for in arbitration agreements. The 5-4 decision...

Read More →

While many companies are struggling to make sense of the California Consumer Privacy Act (“CCPA”) (see our prior posts here and here) and roll out their CCPA compliance programs, the California Assembly Privacy and Consumer Protection Committee...

Read More →

The Federal Trade Commission (FTC) has published a Notice of Proposed Rulemaking seeking industry feedback on a number of proposed changes to the Gramm-Leach-Bliley Act (“GLBA”) Safeguards Rule, many of which are drawn from the New...

Read More →

Utah has become the first state to legislatively dictate that law enforcement must obtain a warrant based on probable cause before forcing internet service providers to turn over users’ content, location information, and other records...

Read More →

The European Commission has recalled a German-made smartwatch for children due to privacy concerns. The recall from the European market was made through the Safety Gate Rapid Alert System (“RAPEX”), which was created to facilitate...

Read More →

Overview of 2018 2018 was a watershed year for state privacy and security laws, with several states passing legislation in these areas. The most significant development was the enactment of the California Consumer Privacy Act...

Read More →

Massachusetts has updated its breach notification law to require credit monitoring services and more prescriptive breach notices to regulators, as well as to strengthen rules for consumer reporting agencies. Governor Charlie Baker signed the legislation...

Read More →

The Vermont Data Broker Regulation (“VDBR”) (9 V.S.A. §§ 2430, 2433, 2446–2447) went into effect on January 1, 2019. Therefore, data brokers must register with the Vermont Attorney General by January 31st and comply with...

Read More →

An Illinois federal judge granted summary judgment to Google in a case alleging that its use of facial recognition software in Google Photos violated Illinois’ Biometric Information Privacy Act (“BIPA”), citing Plaintiffs’ failure to establish...

Read More →