Search

Search form

New York Considering Dramatic Expansion of Consumer Privacy Rights

In 2018, the California Consumer Privacy Act (“CCPA”), which provides for an expansive array of privacy rights and obligations, was enacted.  At the time, it was reasonable to wonder whether California’s bold example would catalyze similar activity in other states.  It’s clear now that it has.   Virginia recently passed its own robust privacy law, the...… Continue Reading
March 24, 2021

The Circuit Split Continues: 11th Circuit Weighs in on Standing in Data Breach Litigation

The 11th Circuit recently weighed in on the hottest issue is data breach litigation, whether a demonstration of actual harm is required to have standing to sue. Joining several other circuit courts, the 11th Circuit in Tsao v. Captiva MVP Rest. Partners, concluded that the plaintiff had failed to allege either that the data breach...… Continue Reading
March 23, 2021

California State Healthcare Worker Accesses COVID-19 Data on More Than 2,000 Patients and Employees

As we noted in late January 2020, the spread of infectious disease raises particular concerns for healthcare workers who want to do their jobs and care for their patients, while also protect themselves and their families. Perhaps the desire to protect one’s self and family is what motivated a California state healthcare worker to access...… Continue Reading
March 19, 2021

AG Becerra Announces Approval of Additional CCPA Regulations

Here we go again! On March 15th, 2021, the California Department of Justice (“Department”) announced approval of modifications to the California Consumer Privacy Act’s (CCPA) regulations, originally introduced in December of 2020.  The new regulations mainly modify provisions related to a consumer’s right to opt out of sale of their personal information, with the aim...… Continue Reading
March 16, 2021

Virginia Becomes 2nd State to Enact a Comprehensive Consumer Privacy Law

On Tuesday, March 2nd, Virginia Governor Ralph Northam signed into law the Consumer Data Protection Act (CDPA), officially joining California as the second state with a comprehensive consumer privacy law, intended to enhance privacy rights and consumer protection for state residents.  We provide an in-depth analysis of the CDPA here, along with legislative activity in...… Continue Reading
March 3, 2021

FDA Names First Acting Director of Medical Device Cybersecurity

The U.S. Food and Drug Administration (FDA) named University of Michigan Associate Professor Kevin Fu Acting Director of Medical Device Security in its Center for Devices and Radiological Health. This is a newly created 12-month post in which Fu will “work to bridge the gap between medicine and computer science and help manufacturers protect medical...… Continue Reading
February 24, 2021

Maryland Joins New York with a BIPA-like Biometric Privacy Bill

On January 13, House Delegate Sara Love Introduced the “Biometric Identifiers and Biometric Information Privacy Act” (the “Act”) substantially modeled after the Biometric Information Privacy Act in Illinois, 740 ILCS 14 et seq. (the “BIPA”). Enacted in 2008, the Illinois BIPA only recently triggered an avalanche of class actions in Illinois, spurring other legislative activity, including...… Continue Reading
February 21, 2021

Comprehensive State Privacy Laws On the Move, How Should Organizations Evaluate Them?

Virginia may be the first state to follow California’s lead on consumer privacy legislation, but it certainly will not be the last. The International Association of Privacy Professionals (IAPP) observed, “State-Level momentum for comprehensive privacy bills is at an all-time high.” The IAPP maintains a map of state consumer privacy legislative activity, with in-depth analysis comparing key provisions....… Continue Reading
February 18, 2021

CPRA Series: Redux on Data Security Requirements and Private Right of Action

The California Privacy Rights Act (CPRA), passed in November, 2020, added to the California Consumer Privacy Act (CCPA) an express obligation for covered businesses to adopt reasonable security safeguards to protect personal information. The CPRA also clarified the CCPA’s private right of action for consumers whose personal information is breached due to a failure to implement...… Continue Reading
February 15, 2021

CPRA Series: Does the California Privacy Rights Act (CPRA) Apply to Your Business?

When California voters approved Proposition 24, the California Privacy Rights Act (CPRA), on November 3, 2020, the result was to substantially amend the California Consumer Privacy Act (CCPA) which became effective only 10 months earlier. We outlined the basic rules for determining when the CCPA applies, and summarize here the changes made by the CPRA....… Continue Reading
February 15, 2021

Pages