Privacy, Data and CybersecurityBlog Posts
California Tightens Rules on Vehicle Tracking, Fleet ManagementOver the past several years, there has been a significant increase in the use of dashcam technology. The technology available in the market is quite advanced. As we observed here, these devices can be equipped with geolocation, AI, facial recognition, and other technologies. Designed primarily to enhance driver safety and fleet management, privacy concerns are...October 28, 2022 |
CPPA Board Publishes Proposed Modifications to CPRA Regulations in Advance of October MeetingOn October 21 and 22, the California Privacy Protection Agency (CPPA) Board will meet to discuss possible action regarding the proposed regulations for the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). Previously, in June 2022, the Board met to discuss revising the regulations previously released by the California Attorney General. ...October 18, 2022 |
Biden Executive Order Supports New EU-U.S. Data Privacy Framework for Trans-Atlantic Transfers of DataIn July 2020, the Court of Justice of the European Union (CJEU) declared the EU-U.S. Privacy Shield invalid. The EU-U.S. Privacy Shield program was designed to provide European Economic Area (EEA) data transferred to the U.S. with a level of protection comparable to EU law. The CJEU invalidated the program stating that U.S. companies could...October 17, 2022 |
White House Weighs In On the Use of AI by BusinessesOn October 3, 2022, the White House Office of Science and Technology Policy published its “Blueprint for an AI Bill of Rights.” This adds to prior federal guidance released by the EEOC and DOJ regarding the use of AI in employment decisions. The framework published by the White House is intended to apply to automated...October 7, 2022 |
Amendment to CMIA Regarding Mental Health and Mental Health AppsCalifornia passed Assembly Bill (AB) 2089, which amends the Confidentiality of Medical Information Act (CMIA) to include mental health application information under the definition of medical information. Under the revisions to CMIA, mental health application information is defined as information related to a consumer’s inferred or diagnosed mental health or substance use disorder, as defined...September 29, 2022 |
California Consumer Privacy Act FAQs: Employment Information1. What’s changing? Under the current version of the California Consumer Privacy Act (“CCPA”), an employer’s obligations related to the personal information it collects from employees, applicants, and contractors residing in California (collectively, “Employment Information”) are relatively limited. Specifically, it needs to (1) provide those individuals a “notice at collection” that discloses the categories of...September 27, 2022 |
California Adopts Law the Seeks to Protect Children’s Online PrivacyCalifornia’s Governor signed Assembly Bill (AB) 2273, the first of its kind state legislation that requires businesses that provide online services, products, or features likely to be accessed by children to comply with specified standards. Building on federal protections for children online under the Children’s Online Privacy Protection Act (COPPA), AB 2273 enacts the California...September 15, 2022 |
First California Consumer Privacy Act Enforcement Action and SettlementAugust 24, 2022, marked a milestone for the California Consumer Privacy Act (CCPA), the California Attorney General announced the first enforcement and settlement against beauty retailer Sephora. Since July 2022, the California Attorney General’s (AG) office conducted an investigative sweep of online retailers to check compliance with the CCPA and sent out over 100 notices...September 7, 2022 |
Employers Get Ready – CCPA Employee and B2B Exemptions End, Expanded Privacy Compliance Begins in 2023For the past few years, California’s comprehensive privacy law known as the California Consumer Privacy Act (“CCPA”) included an important partial exemption for employees, applicants, and independent contractors (collectively, “workforce members”). The California Privacy Rights Act, which amended the CCPA, extended the exemption through December 31, 2022. While many expected the exemption would be extended,...September 2, 2022 |
New York State Bar Adds Cybersecurity, Privacy, and Data Protection as New CLE CategoryOn August 17, 2022, New York announced an amendment to the Continuing Legal Education (CLE) Program Rules, which adds a requirement for attorneys to complete at least one CLE credit hour in Cybersecurity, Privacy, and Data Protection as part of fulfilling their CLE requirements. New York barred attorneys will be required to comply starting July...August 25, 2022 |