Alerts: Privacy & Data Security Law
Six Steps to Help Your Team Comply with the New SEC Public Company Cybersecurity Rules
On July 26, 2023, the Securities Exchange Commission (“SEC”) approved final Rules entitled Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (the “Rules”). The Rules require certain cybersecurity incident disclosures on Form 8-K, generally within 4 business days after the determination that a cybersecurity incident is material. Read more.
August 1, 2023
Alerts: Privacy & Data Security Law
Five Action Items to Help You Prepare for the Wave of Privacy Enforcement Starting July 2023
Mark your calendars - July 2023 is an important month for US privacy enforcement. Read more.
June 21, 2023
Alerts: Privacy & Data Security Law
Washington “My Health My Data” Act Dramatically Alters Health Data Compliance Landscape
Washington State’s My Health My Data Act (“the Act”) introduces a sweeping set of obligations for nearly all entities that do business in the state and that handle “consumer health data,” a broad new class of health-related data separate from that regulated by the federal Health Insurance Portability and Accountability Act (“HIPAA”). Read more.
April 24, 2023
Alerts: Privacy & Data Security Law
CPRA Regs: 8 New Obligations You Need to Know
On February 14, the CPPA, California’s new privacy regulatory agency, filed the first part of its proposed final CPRA Regs with California’s Office of Administrative Law (OAL). Read more.
February 21, 2023
Sign Up for Alerts
Sign up to receive receive industry-specific emails from our legal team.
Sign Up.
Alerts: Privacy & Data Security Law
Privacy Considerations for 2023
2023 is around the corner. As a refresher, on January 1, 2023, two new comprehensive privacy laws – the California Privacy Rights Act (“CPRA”) and the Virginia Consumer Data Protection Act (“VCDPA”) – take effect. Read more.
December 6, 2022
Alerts: Privacy & Data Security Law
New York Regulator Says Even One Access Control Failure Can Invalidate Years of Compliance Certifications
The New York Department of Financial Services (“NYDFS”) recently entered into a Consent Order (the “Consent Order”) with EyeMed Vision Care LLC (“EyeMed”) over violations of the agency’s Cybersecurity Requirements (23 NY CRR Part 500) (“Part 500”). Read more.
October 26, 2022
Alerts: Privacy & Data Security Law
Privacy News for Q2 2022
A summary of privacy news and trends we have seen in the first half of 2022. Read more.
June 2, 2022
Alerts: Privacy & Data Security Law
Does Your Loyalty Program Violate the CCPA?
California Attorney General Rob Bonta tweeted and released a statement that his office has sent warning letters to businesses in a variety of industries for alleged failure to comply with CCPA. Read more.
February 3, 2022
Sign Up for Alerts
Sign up to receive receive industry-specific emails from our legal team.
Sign Up.
Alerts: Privacy & Data Security Law
iOS 15 Brings New Privacy Controls That Will Impact Advertising Initiatives
After months in beta, Apple is releasing iOS 15 to the public. Building upon the Privacy Nutrition Labels and App Tracking Transparency (ATT) framework introduced in iOS 14.5, iOS 15 introduces new privacy controls that will impact brand marketing initiatives and the ad tech ecosystem. Although these controls are not an iOS 14.5-caliber seismic event, they are yet another example of how platform providers have become de facto regulators of privacy. Read more.
September 20, 2021
Alerts: Privacy & Data Security Law
New York City Restricts Collection of Biometric Identifiers
Major US municipalities are lining up to regulate business use of technologies to collect biometric identifiers and information. For example, Portland, Oregon, banned the use of face recognition technologies earlier this year. Now, New York City businesses must comply with a new law too: Effective July 9, 2021, any commercial establishment in New York City that collects, retains, converts, stores or shares biometric identifier information of customers must disclose such activity using clear and conspicuous signage near all customer entrances. Read more.
July 7, 2021
Alerts: Privacy & Data Security Law
Business Takeaways from the FTC $5 Billion Settlement with Facebook
On July 24, 2019, the FTC announced a $5 billion settlement with Facebook to address Facebook’s alleged violations of the FTC Act and its 2012 consent order with the FTC. Read more.
July 26, 2019
Alerts: Privacy & Data Security Law
Are You Ready for the New York Cybersecurity Regulations’ September 3rd Deadline?
Financial institutions and insurance companies operating in New York have until September 3, 2018 to comply with the next phase of New York's Cybersecurity Regulations. Here's what you need to know to avoid regulatory scrutiny. Read more.
August 10, 2018
Sign Up for Alerts
Sign up to receive receive industry-specific emails from our legal team.
Sign Up.
Alerts: Privacy & Data Security Law
New California Privacy Law Calls for Significant Changes
On the heels of the European General Data Protection Regulation (GDPR), California has now passed a digital privacy law that gives consumers more control over their personal information online. Read more.
June 29, 2018
Alerts: Privacy & Data Security Law
Privacy Shield: Year One Updates You Need To Know
This month we're celebrating Privacy Shield's first birthday with an update on everything Privacy Shield. There have been a number of developments on the Privacy Shield-front that companies certified or seeking self-certification under Privacy Shield need to know. Read more.
October 17, 2017
Alerts: Privacy & Data Security Law
Class Action Lawsuits Over Alleged COPPA Violations Reinforce Importance of Compliance
Earlier this month, three class action lawsuits were filed against companies for alleged violations of the Children's Online Privacy Protection Act ("COPPA"). Read more.
August 22, 2017
Alerts: Privacy & Data Security Law
Third State Adopts Biometric Privacy Law
On June 1, 2017, Washington State joined Illinois and Texas as the third state to pass a biometric privacy law. The law, H.B. 1493, which goes into effect July 23, 2017, covers any business entity that collects biometric identifiers for commercial purposes. Read more.
July 11, 2017
Sign Up for Alerts
Sign up to receive receive industry-specific emails from our legal team.
Sign Up.
Alerts: Privacy & Data Security Law
Children’s Privacy: FTC Issues New COPPA Guidance for IoT and Connected Devices
Last week, the Federal Trade Commission ("FTC") released a new report, Six-Step Compliance Plan for Your Business, to help companies understand their obligations under the Children's Online Privacy Protection Act ("COPPA"). Read more.
June 28, 2017
Alerts: Privacy & Data Security Law
A Big Phone Bill: Dish Network Telemarketing Violation Verdicts Total Approximately $341 Million
In a cautionary tale for marketers, two courts recently found satellite TV provider Dish Network ("Dish") liable for repeated and willful violations of federal and state telemarketing laws. Read more.
June 23, 2017
Alerts: Privacy & Data Security Law
Start Your Engines: We Have to Deal With GDPR, What Now?
Back in January, we posted about the circumstances in which your company, even if based in the US, must comply with the EU General Data Protection Regulation (GDPR), taking effect in May 2018. Here we will provide a high level checklist to help you start down the path of GDPR readiness. Read more.
April 13, 2017
Alerts: Privacy & Data Security Law: Technology Law
No Harm, No Foul: Court Dismisses Biometric Data Privacy Class Action Against NBA 2K Games
Biometric data — from, e.g., retina, face and fingerprint scans — plays a big role in the current wave of new technology services. For example, biometrics provide security features for financial and healthcare products. But companies using or thinking of using biometric data have to comply with myriad privacy and data security laws and regulations, or face potential enforcement action and litigation. Read more.
February 16, 2017
Sign Up for Alerts
Sign up to receive receive industry-specific emails from our legal team.
Sign Up.
Alerts: Privacy & Data Security Law
FTC Hits Targeting Platform Turn Inc. for Deceptive Online Tracking
On Tuesday, December 20, the FTC announced a settlement with digital marketing platform Turn Inc. over claims that the company deceptively tracked users across the Internet for advertising purposes. Read more.
December 22, 2016
Alerts: Privacy & Data Security Law
FCC Adopts Broadband Consumer Privacy Rules
On October 27, 2016, the Federal Communications Commission (FCC) adopted an Order requiring broadband Internet service providers and all other telecommunications carriers providing telecommunications services to take greater steps to protect the privacy of their customers, including current and former subscribers and new applicants. Here's a summary of the key obligations imposed on carriers: Read more.
November 22, 2016
Alerts: Privacy & Data Security Law
Latest on the FTC Data Security Front
FTC Issues Guide on How to Respond to a Data Breach, and Eleventh Circuit Questions the FTC's Interpretation of Its Section 5 Authority But Does NOT Alter the Unfairness Standard in Data Security Matters. Read more.
November 21, 2016
Alerts: Privacy & Data Security Law
The New “Privacy Shield”: What Does it Mean for Your Company?
This week brought important news for any company that transfers across borders, or receives cross-border transfers of, consumer or employee personally identifying data (very broadly defined). Read more.
July 14, 2016
Sign Up for Alerts
Sign up to receive receive industry-specific emails from our legal team.
Sign Up.
Alerts: Privacy & Data Security Law
Transferring Personal Data Overseas: EU - US Privacy Shield Will Create New Obligations
On February 2, 2016, EU and US authorities reached an agreement in principle on a new framework for transatlantic data transfers, dubbed the "Privacy Shield." Read more.
March 14, 2016
