For years now, state laws have required subject organizations to provide notification to affected data subjects and, in some instances, to state agencies, consumer reporting agencies, and the media, when they experience a “breach” of certain categories of information. And a growing number of states – including California, Colorado, Connecticut, Maryland, Massachusetts, Texas, and, most … Continue Reading
The California Consumer Privacy Act is almost here! The groundbreaking law takes effect January 1, 2020. Covered businesses and their service providers have already started preparing, as the CCPA continues to evolve since it was introduced. California’s legislative session ended on September 13th, with some final modifications to bills that would amend certain aspects of … Continue Reading
Last week, the Eleventh Circuit ruled that a single unsolicited text message doesn’t meet the harm requirement necessary to proceed with a Telephone Consumer Protection Act (TCPA) claim. The Eleventh Circuit ruling, Salcedo v. Hanna, reverses a decision by a lower court allowing the plaintiff to move forward with a TCPA claim on grounds that … Continue Reading
The California Consumer Privacy Act (CCPA), which goes into effect January 1, 2020, is considered the most robust state privacy law in the United States. The CCPA seems to have spurred a flood of similar legislative proposals on the state level, and started a shift in the consumer privacy law landscape. Many of these proposals end up … Continue Reading
The U.S. Supreme Court issued its long awaited decision in PDR Network LLC v. Carlton, addressing the issue of whether the Hobbs Act requires the district court to accept the 2006 Federal Communication Commission (FCC) Order 2006 (“the Order”), which provides the legal interpretation for the Telephone Consumer Protection Act (TCPA). Unfortunately, the Court did not answer the question presented when … Continue Reading
No industry or sector is immune to privacy or security issues. This week a jury in a district court in Pennsylvania awarded $1,000 to each of the 68,000 class members who claimed that Bucks County, a county just outside Philadelphia, and several other municipal entities, violated state law by making their criminal records public, in … Continue Reading
California keeps making privacy headlines for its trailblazing California Consumer Privacy Act (“CCPA”), set to take effect January 1, 2020, but there is another set of privacy bills making its way through the California state legislature, that, if passed, will provide consumers with further privacy protections. The “Your Data Your Way” initiative, comprised of four … Continue Reading
As we reported, in late February, California Attorney General Xavier Becerra and Senator Hannah-Beth Jackson introduced Senate Bill 561, legislation intended to strengthen and clarify the California Consumer Privacy Act (CCPA). This week, the Senate Judiciary Committee referred the bill to the Senate Appropriations Committee by a vote of 6-2. This move came despite concerns raised … Continue Reading
Happy Data Privacy Day from the Jackson Lewis Privacy, Data and Cybersecurity Team! In Honor of National Privacy Day, we are focused on what is sure to be one of the hottest issues of 2019 and present our FAQs for employers on the California Consumer Privacy Act (CCPA). As you know, data privacy and security … Continue Reading
Privacy and cybersecurity risks continue to emerge for organizations large and small. While by no means exhaustive, we briefly discuss some key issues that organizations may need to focus on in 2019 and beyond. Business Email Compromise (BEC)/Email Account Compromise (EAC) – BEC and EAC attacks are widespread and show no sign of slowing in the … Continue Reading
On September 23, 2018, Governor Jerry Brown signed into law SB-1121 amending certain provisions of the California Consumer Privacy Act of 2018 (CCPA) which was enacted in June of this year. As we reported previously, CCPA will apply to any entity that does business in the State of California and satisfies one or more of … Continue Reading
This Sunday, January 28, is Data Privacy Day, which Congress recognized on Jan. 27, 2014, when it adopted S. Res. 337, supporting the designation. As noted by the National Cyber Security Alliance, Data Privacy Day began in the United States and Canada in January 2008, an extension of the Data Protection Day celebration in Europe. Don’t … Continue Reading
We are proud to once again announce that the Workplace Privacy Report has been nominated for The Expert Institute’s Best Legal Blog Competition. From a field of thousands of nominees, the Workplace Privacy Report has received enough nominations to join one of the largest competitions for legal blog writing online today. If you enjoy the Workplace … Continue Reading
On January 9, 2017, lawmakers in the House re-introduced legislation, the Email Privacy Act, which, if enacted, would require the government to obtain a court-issued warrant to access electronic communications, including emails and social networking messages, from cloud providers (e.g., Google, Yahoo) when such communications are older than 180 days. Current law, the Electronic Communications … Continue Reading
A class action alleging Viacom illegally obtained and disclosed personally identifiable information from children under the age of thirteen through the Nickelodeon website recently reached the end of line (almost) when the class’ petition for writ of certiorari was denied by the Supreme Court this month. The high court chose not to further define the … Continue Reading
In honor of Data Privacy Day, we provide the following “Top 10 for 2017.” While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2017. 1. Phishing Attacks and Ransomware – Phishing, as the name implies, is the attempt, usually via email, to obtain sensitive or personal … Continue Reading
The Federal Trade Commission (“FTC”) recently announced that FTC chairwoman Edith Ramirez will be stepping down effective February 10, 2017. Ms. Ramirez guided the agency through a period of significant enforcement activity, particularly in the areas of cybersecurity and consumer privacy. President-elect Donald Trump will now have the opportunity to fill three vacancies at the … Continue Reading
The Federal Trade Commission (“FTC”) has entered into a Consent Order to resolve a complaint brought against a digital advertising company, Turn Inc. Turn provided advertisers with the ability to engage in targeted advertising by tracking consumer’s activities or characteristics to deliver ads tailored to the consumer’s interests. The FTC alleged that Turn violated federal … Continue Reading
Late last month, the Federal Communications Commission adopted new privacy rules for broadband Internet service providers (ISPs). We first discussed this topic in March when the proposal was introduced by the FCC Chairman. The rules are intended to protect the privacy of consumers and to provide customers with meaningful choice, greater transparency, and strong security … Continue Reading
Michael Schrage at Harvard Business Review warns his readers, “Stop swearing at Siri. Quit cursing Cortana,” arguing such behavior could soon be seen just as destructive to an organization as ridiculing a subordinate. In the 1993 film, Demolition Man, Sylvester Stallone’s character, John Spartan, received multiple tickets from a wall box that overheard him violate … Continue Reading
According to a recent New York Times article, “Facebook scrambled on Monday to respond to a new and startling line of attack: accusations of political bias.” Slate followed with a report that the online social networking giant became the subject of a United States Senate inquiry, with Commerce Committee Chairman John Thune wanting information about how … Continue Reading
One year ago, in March 2015, the Federal Communications Commission (“FCC”) reclassified broadband Internet access service as a common carrier Telecommunications Service subject to regulation under Title II of the Communications Act. At that time, however, the FCC recognized that the then-current rules were not well suited to broadband privacy. On March 10, 2016, the … Continue Reading
Recognizing the growing number of connected and interconnected devices, a bipartisan group of Senators recently introduced a bill which would convene a working group of Federal stakeholders to provide recommendations to Congress on how to appropriately plan for and encourage the proliferation of the Internet of Things (IoT). The Developing Innovation and Growing the Internet of … Continue Reading
Earlier today, the European Commission (the Commission) issued a draft “adequacy decision” as well as the texts that will constitute the EU-U.S. Privacy Shield (the Privacy Shield). This includes the Privacy Shield Principles companies have to abide by, as well as written commitments by the U.S. Government on the enforcement of the arrangement, including assurance … Continue Reading
