Search

Search form

From Time Keeping to Dashcams, BIPA Litigation Continues

The use of smart dashcams and vehicle cameras, including those leveraging AI technology, may trigger the next wave of BIPA litigation, according to two cases filed in Illinois this week. Enacted in 2008, the Illinois Biometric Information Privacy Act, 740 ILCS 14 et seq. (the “BIPA”), went largely unnoticed until a few years ago when...
January 10, 2022

Preventing “Credential Stuffing” Attacks, Guidance from NY State Attorney General Letitia James

After reading New York Attorney General Letitia James’ Business Guide for Credential Stuffing Attacks (“Guide”), I promptly reminded my family (and myself!) to change passwords. The practice of using the same password for multiple online accounts is one that most, if not all of us, use from time to time. According to a recent study,...
January 10, 2022

Does a Poor ESG, Social Responsibility Rating Increase an Organization’s Cyber Risk?

With ransomware and other cyber threats top of mind for most in the c-suite these days, a question frequently raised is whether a particular organization is a target for hackers. Of course, nowadays, any organization is at risk of an attack, but the question is whether some organizations are targeted more than others. A recent...
January 7, 2022

Does Your Cyber Insurance Policy Look More Like Health Insurance?

Over the past several years, if your organization experienced a cyberattack, such as ransomware or a diversion of funds due to a business email compromise (BEC), and you had cyber insurance, you likely were very thankful. However, if you are renewing that policy (or in the cyber insurance market for the first time), you are...
January 3, 2022

NYC Places Groundbreaking Restrictions on AI Use in Hiring Practices

In a groundbreaking move, likely to have significant impact on employee hiring and HR tech, the New York City Council has passed a measure (“the NYC measure”) that bans the use of automated decision-making tools to (1) screen job candidates for employment, or (2) evaluate current employees for promotion, unless the tool has been subject...
December 20, 2021

CCPA at the Two-Year Mark

The CCPA has reached the two-year mark. This is a good time for businesses to review the success of their compliance programs, recalibrate for the CCPA’s third year, and gear up for the CPRA’s January 1, 2023 effective date. Here are a few suggestions: Privacy Policies. The CCPA requires a business to update the information...
December 16, 2021

Responding to the Kronos Cyber Attack – What Should Employers Be Thinking About?

The leaders of our Wage & Hour Practice, Justin Barnes Jeffrey Brecher and Eric Magnus collaborated with us on this article. According to reports, Kronos, the cloud-based, HR management service provider, suffered a data incident involving ransomware affecting its information systems. Kronos communicated that it discovered the incident late on Saturday, December 11, 2021, when...
December 14, 2021

Employee Monitoring: New York Establishes New Requirements for Employers

Earlier this month, New York Governor Kathy Hochul signed into a law a bill that will require New York private sector employers to provide written notice to employees before engaging in electronic monitoring of their activities in the workplace.  Civil Rights (CVR) Chapter 6, Article 5, Section 52-C*2 will take effect six months after enactment,...
November 19, 2021

FTC Issues Final Rule Amending the Standards for Safeguarding Customer Information – Data Breach Notification Obligations to Follow?

On October 27, 2021 the FTC issued a final rule (the “Final Rule”) amending 16 CFR Part 134, Standards for Safeguarding Customer Information (“Safeguards Rule”), after a period of notice and comment. While the existing Safeguards Rule imposes a general obligation on financial institutions to maintain an information security program, the Final Rule outlines these...
November 17, 2021

OSHA ETS: What Records Must Covered Employers Collect, Retain, Safeguard, and Make Available Upon Request

Last week, the Occupational Safety and Health Administration (OSHA) issued an Emergency Temporary Standard (ETS) implementing President Joe Biden’s COVID-19 vaccine mandate covering employers with at least 100 employees. The ETS is summarized here, including the general compliance deadline of 30 days from November 5, 2021, with an additional 30 days for testing to begin,...
November 8, 2021

Pages