In the face of seemingly daily news reports of company data breaches and the mounting legislative concern and efforts on both the state and federal level to enact laws safeguarding personal information maintained by companies, employers should be questioning whether they should implement privacy policies to address the protection of personal information they maintain on
California
Employers Have An Obligation To Provide Meaningful Direction To Employees In Email Searches, But Employers Can’t Be Compelled To Recover Company Emails Stored On Personal Accounts Of Employees
A recent case from the Northern District of California raises the importance of actively engaging with employees to coordinate the search for documents and electronically-stored information to comply with the employer’s discovery obligations. At the same time, the Court ruled that an employer cannot be compelled to produce business-related emails from the personal email accounts…
Reasonable Data Security Defined by California AG
Last week, California Attorney General, Kamala D. Harris – who has been mentioned as a potential nominee to fill Justice Antonin Scalia’s recently vacated seat on the U.S. Supreme Court – issued the California Data Breach Report (Report). The Report provides an analysis of the data breaches reported to the California AG from 2012-2015.…
California Minors Gain Privacy Rights in the Online World
Thanks to a new state law enacted to protect minors from the modern follies of youth, minors in California can ring in the New Year by permanently deleting their regrettable online posts. This so-called “Online Eraser Law” – signed by Governor Jerry Brown on September 23, 2013 – will take effect on January…
California AB-1710 – Requires Credit Monitoring Information in Data Breach Notice, Including Services Must Last 12 Months and Be Provided at No Cost
California Governor Jerry Brown signed AB-1710 into law yesterday amending its existing data breach notification statute. The most significant change – companies that experience a data breach must provide information in the notification that if identity theft prevention and mitigation services are provided, they must be provided for at least 12 months to affected persons…
California Healthcare Provider Defeats Data Breach Class Action on Definition of Medical Information
In a victory for California healthcare providers, the California Court of Appeal recently held that a health care provider is not liable under California’s Confidentiality of Medical Information Act (CMIA) (Cal. Civ. Code, § 56 et seq.) when the health care provider releases an individual’s personal identifying information, but the information does …
California Attorney General Announces More Active Role in Dealing with Data Breaches, and Helpful Guide for Small Business
On Thursday, California Attorney General Kamala Harris announced heightened enforcement concerning data breaches, reports USAToday. AG Harris’ office also issued a Guide that provides recommendations to California businesses, particularly small businesses, to help them protect against and respond to the increasing threat of malware, data breaches and other cyber risks.
The circumstances are certainly…
NY Times Article Highlights State Action on Privacy
The New York Times published an interesting front page article by Somini Sengupta on October 31, 2013 about the growing trend of state legislative action on privacy issues, noting that over two dozen privacy laws have passed this year in more than 10 states. The piece also notes that the “patchwork of rules across the country” is …
How Do I Track Thee? Let Me Count The Ways.
California law soon may require commercial websites that collect personal data to disclose how they respond to “Do Not Track” signals from Web browsers. AB 370, an amendment to the California Online Privacy Protection Act (Act), which was sponsored by Attorney General Kamala Harris, passed the California Senate and Assembly at the end of…
California AG Report Announces Enforcement Priority for Breaches Involving Unencrypted Data
California Attorney General issues data breach report and announces enforcement priority to investigate breaches involving unencrypted personal information.
Continue Reading California AG Report Announces Enforcement Priority for Breaches Involving Unencrypted Data