Privacy, Data and CybersecurityBlog Posts
FTC Focuses on Pixel Tracking, and Not Just at Healthcare CompaniesThe Federal Trade Commission (FTC) recently took enforcement action against digital healthcare companies for sharing user information vie third-party tracking pixels, which enable the collection of user data. At the start of the year, the U.S. Health and Human Services Office of Civil Rights issued its own bulletin with guidance regarding tracking pixel technology for...March 27, 2023 |
CFPB and NLRB Sign Information Sharing Agreement to Target Employer Surveillance and “Debt Traps” for EmployeesOn March 7, 2023, the Consumer Financial Protection Bureau (CFPB), the federal government agency charged with protecting consumers in the financial sector, and the National Labor Relations Board (NLRB), the federal government agency tasked with protecting private sector employees’ rights to engage in union organizing and other concerted activity, announced an information sharing agreement in...March 21, 2023 |
Iowa to Be Sixth State to Pass a Consumer Privacy StatuteOn March 15, 2023, the Iowa legislature unanimously passed Senate File 262, the Consumer Privacy Act, which relates to consumer data and privacy protection. Once signed by Iowa’s governor, the statute will become operative on January 1, 2025, and Iowa will join California, Colorado, Connecticut, Utah, and Virginia in passing a comprehensive consumer privacy statute....March 20, 2023 |
CPPA Starts Rulemaking on Cybersecurity, Risk Assessments, and Automated Decision-makingWhile the California Privacy Protection Agency (CPPA) only recently approved revised amended regulations pertaining to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), it is already on to its next rulemaking. On February 10, 2023, the CPPA issued an invitation for preliminary comments on proposed rulemaking pertaining to cybersecurity audits,...February 22, 2023 |
Algorithms, Predictive Models, and the Colorado Division of InsuranceWhile programs such as Artificial Intelligence bots that can write poetry or develop art are capturing people’s interest, administrative agencies across the country are concerned about how similar technology including algorithms and automated decision making may affect employees and consumers alike. The Equal Employment Opportunity Commission (EEOC) to the New York City Department of Consumer...February 21, 2023 |
Stolen Databases Obtained In Transaction Leads to $400K Settlement with PA and OH Attorneys GeneralThis post deals with another data breach, yes, hackers were able to compromise the organization’s systems and exfiltrate personal information relating to over 45,000 Pennsylvania and Ohio residents. However, there are several important takeaways from this case, including cybersecurity in corporate transactions, data retention and destruction, and incident response planning. According to the Assurance of...February 17, 2023 |
California Privacy Protection Agency Passes Revised RegulationsAfter a significant delay, on February 3, 2023, the California Privacy Protection Agency (CPPA) unanimously approved amended regulations. The new regulations have not yet gone into effect as they must first be approved by the Office of Administrative Law (OAL). The CPPA’s General Counsel advised that there is no guarantee that the regulations would be...February 8, 2023 |
California Attorney General’s New Privacy Enforcement Targets are Apps and Opt-OutsOn the eve of Data Privacy Day, the California Attorney General announced a new investigative focus for compliance with the California Consumer Privacy Act (CCPA) on mobile applications, specifically popular apps in the retail, travel, and food service industries. The Attorney General sent letters to businesses with mobile applications that have allegedly failed to comply...February 6, 2023 |
Top Ten for 2023 – Happy Data Privacy Day!To celebrate Data Privacy Day, we present our top ten data privacy and cybersecurity predictions for 2023. 1. Healthcare and Medical Data Security and Tracking The healthcare industry has been facing increased scrutiny for the protection of healthcare information both online and on apps. 2023 will see a significant increase in the number of lawsuits...January 27, 2023 |
Version 2 Proposed Draft Rules for the Colorado Privacy ActThe Colorado Privacy Act (CPA), effective July 1, 2023, provides expansive protections to the personal data of Colorado residents acting in an individual or household context (a “consumer”). Similar to the California Consumer Privacy Act (CCPA), the CPA requires providing notice of an entity’s (“controller”) data collection activities, provides for consumer rights including the right...January 17, 2023 |