Data Security

While many companies are struggling to make sense of the California Consumer Privacy Act (“CCPA”) (see our prior posts here and here) and roll out their CCPA compliance programs, the California Assembly Privacy and Consumer Protection Committee...

Read More →

The Federal Trade Commission (FTC) has published a Notice of Proposed Rulemaking seeking industry feedback on a number of proposed changes to the Gramm-Leach-Bliley Act (“GLBA”) Safeguards Rule, many of which are drawn from the New...

Read More →

Utah has become the first state to legislatively dictate that law enforcement must obtain a warrant based on probable cause before forcing internet service providers to turn over users’ content, location information, and other records...

Read More →

The European Commission has recalled a German-made smartwatch for children due to privacy concerns. The recall from the European market was made through the Safety Gate Rapid Alert System (“RAPEX”), which was created to facilitate...

Read More →

Overview of 2018 2018 was a watershed year for state privacy and security laws, with several states passing legislation in these areas. The most significant development was the enactment of the California Consumer Privacy Act...

Read More →

Massachusetts has updated its breach notification law to require credit monitoring services and more prescriptive breach notices to regulators, as well as to strengthen rules for consumer reporting agencies. Governor Charlie Baker signed the legislation...

Read More →

The Vermont Data Broker Regulation (“VDBR”) (9 V.S.A. §§ 2430, 2433, 2446–2447) went into effect on January 1, 2019. Therefore, data brokers must register with the Vermont Attorney General by January 31st and comply with...

Read More →

An Illinois federal judge granted summary judgment to Google in a case alleging that its use of facial recognition software in Google Photos violated Illinois’ Biometric Information Privacy Act (“BIPA”), citing Plaintiffs’ failure to establish...

Read More →

The South Carolina Insurance Data Security Act (the “Act”) took effect on January 1, 2019.  The bill, which largely resembles the New York Department of Financial Services cybersecurity regulations, is based on the National Association...

Read More →

2018 was a big year for information security and data privacy. The European General Data Protection Regulation (“GDPR”) became effective and helped bring greater awareness to the handling of personal data while several U.S. states...

Read More →