As the integration of technology in the workplace accelerates, so do the challenges related to privacy, cybersecurity, and the ethical use of artificial intelligence (AI). Human resource professionals and in-house counsel must navigate a rapidly evolving landscape of legal and regulatory requirements. This National Privacy Day, it’s crucial to spotlight emerging issues in workplace technology
Damon W. Silver
The Spotlight Shines Even Brighter: New York Attorney General Publishes Guidance On Businesses’ Use Of Website Tracking Technologies
Organizations across the spectrum rely heavily on website tracking technologies to understand user behavior, enhance customer experience, and drive growth. The convenience and insights these technologies offer come with a caveat, however: They can land your organization in hot water if not managed in careful compliance with fast-evolving law.
Recent history is rife with litigation…
Rhode Island Passes a Comprehensive Consumer Data Privacy Law
On June 25, 2024, Rhode Island became the 20th state to enact a comprehensive consumer data protection law, the Rhode Island Data Transparency and Privacy Protection Act (“RIDTPPA”). The state joins Kentucky, Maryland, Minnesota, Nebraska, New Hampshire, and New Jersey in passing consumer data privacy laws this year.
The RIDTPPA takes effect on January…
Minnesota Passes a Comprehensive Consumer Data Privacy Law
On May 24, 2024, Minnesota’s governor signed an omnibus bill, HF4757 which included the new Consumer Data Privacy Act. The state joins Kentucky, Nebraska, New Hampshire, New Jersey, and Rhode Island in passing consumer data privacy laws this year.
Minnesota’s law takes effect July 31, 2025, except that postsecondary institutions and nonprofit corporations governed by…
Maryland Passes Comprehensive Data Privacy Law, Joining the Swelling State Ranks
Maryland’s governor recently signed the Maryland Online Data Privacy Act of 2024 (MODPA), making Maryland one of six states—along with Kentucky, Nebraska, New Hampshire, New Jersey, and Rhode Island—to pass a comprehensive privacy law this year. Overall, 19 states (and counting) now have such laws on their books.
Maryland’s law takes effect October 1…
The Broadening Data Security Mandate: SEC Incident Response Plan and Data Breach Notification Requirements
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those obligations are, in some instances, relatively nebulous, and organizations—for better or worse—have flexibility to determine what pre-incident safeguards and post-incident responsive actions…
Ten Days Until the Texas Data Privacy and Security Act Goes Live & AG’s Office Signals “Aggressive Enforcement”
With the Texas Data Privacy and Security Act (TDPSA) on the verge of taking effect on July 1, 2024, the State’s Attorney General, Ken Paxton, recently launched an initiative for “aggressive enforcement of Texas privacy laws.” As part of the initiative, Paxton has established a team that will focus on the enforcement of Texas’…
The American Privacy Rights Act?
In what is being called the American Privacy Rights Act (Act), some are suggesting this could be the one! For many years, Congress has been unable to come together to craft a national privacy law. There have been several snags, including whether to preempt state privacy laws and whether to provide a private right of…
CPPA Issues First “Enforcement Advisory” for CCPA – Data Minimization
The California Privacy Protection Agency (CPPA) issued its first enforcement advisory concerning the California Consumer Privacy Act (CCPA). In Enforcement Advisory No. 2024-01, the CPPA tackles a foundational principle – data minimization. Much of the attention surrounding the CCPA seems to focus on website privacy policies, notices at collection, and consumer rights requests. With…
New York AG Remains Active On The Data Security Enforcement Front
In yet another example of its focus on imposing greater data security accountability, the New York Attorney General (“NYAG”) recently announced a significant settlement with Marymount Manhattan College (“the College”). The settlement stems from a data breach to which the College was subject in 2021. Following an investigation, which, according to the NYAG, revealed inadequacies…