The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) has released a new report, entitled Cybersecurity and Resiliency Observations, which stands as their most detailed and comprehensive information security guidance to date. Companies supervised by OCIE may want to consider the report to be an information security “benchmark,” as it amounts to...

Read More →
Washington Privacy Act (WPA)

New Push for Washington’s Privacy Bill in 2020

January 30, 2020 | 0 Comments

Washington state may be leading the charge on privacy legislation in 2020. The state legislature introduced several privacy bills during the first week of its 2020 legislative session, including an updated version of the Washington Privacy Act (“WPA” or “Act”)—a comprehensive data protection framework modeled after the California Consumer Privacy Act (“CCPA”) and the European...

Read More →

On October 10, 2019, the California Attorney General issued its notice of proposed rulemaking containing its proposed CCPA Regulations. In many instances, the draft Regulations go beyond simply clarifying existing CCPA provisions and instead set forth new requirements that alter prior interpretations of the law.  This analysis highlights some of those provisions and expected next steps as...

Read More →

Key Takeaways: Subject data rights for employee data and business-to-business data were narrowed (for a year). The definition of personal information was clarified; the toll-free number requirement has an exception. The definition of sale remains unchanged.   The California legislative session is over and the nine-month effort to amend the California Consumer Privacy Act of 2018...

Read More →

In the highly-anticipated decision in the hiQ Labs v. LinkedIn case, the Ninth Circuit upheld the preliminary injunction against LinkedIn, prohibiting it from barring hiQ’s scraping of public profiles from its site. In so doing, the court held that the Computer Fraud and Abuse Act, 18 U.S.C. § 1030 (“CFAA”) is likely not violated by the...

Read More →

Following an extensive investigation, the Federal Trade Commission (“FTC”) announced a settlement with Google and its subsidiary YouTube for the largest-ever civil penalty for violations under the Children’s Online Privacy Protection Act (“COPPA”) – $136 million to the FTC and $34 million to the State of New York.  In its 2013 COPPA rulemaking, the Commission indicated that...

Read More →

We are proud to be recognized as a leading law firm in Privacy and Data Security by Chambers and Partners for the ninth consecutive year. Founder and Managing Partner Marc J. Zwillinger has also been ranked in Band 1 as a top lawyer in the Privacy and Data Security space. Chambers bases these rankings on...

Read More →

The Federal Trade Commission announced a settlement and consent decree with email receipt management company Unroll.me, a subsidiary of Slice Technologies, Inc. Unroll.me offered a service that helped users unsubscribe from unwanted subscription emails and consolidate certain other types of emails into a single daily email.  The FTC’s allegations included claims that Unroll.me shared detailed personal data...

Read More →

Following a breach affecting 145 million consumers, the Federal Trade Commission has announced a settlement with Equifax for up to $700 million, the largest ever for a data breach. In the same action, Equifax also settled with the Consumer Financial Protection Bureau (CFPB), and 50 U.S. states and territories to resolve allegations related to the massive 2017 breach. This...

Read More →

ZwillGen, a leading boutique law firm specializing in the intersection of law and technology, is seeking candidates for its 2020 Fellowship Program. The program presents a unique opportunity to work with and learn from some of the most experienced privacy and data security lawyers representing the biggest names in technology, and it’s a great place...

Read More →