When the California Consumer Privacy Act of 2018 (CCPA) became law, it was only a matter of time before other states adopted their own statutes intending to enhance privacy rights and consumer protection for their residents. After overwhelming support in the state legislature, Connecticut is about to become the fifth state with a comprehensive privacy
Utah Becomes Fourth State to Enact A Comprehensive Privacy Law
Just as businesses are preparing to ensure compliance with similar laws in California, Colorado, and Virginia, they soon will need to consider a fourth jurisdiction, Utah. On March 24, 2022, Governor Spencer Cox signed a measure enacting the Utah Consumer Privacy Act (UCPA). The UCPA is set to take effect December 31, 2023. Note,
Massachusetts Legislature Evaluates Its Own Comprehensive Consumer Privacy Law
The Massachusetts Information Privacy and Security Act (MIPSA) continues to advance through the state legislative process, and is now before the full legislature. While the Act has several hurdles to clear before becoming law, its notable for two reasons. First, the comprehensive nature of the MIPSA exemplifies the direction state data protection laws are heading
Massachusetts Privacy Bill Provides WISP Reminder, Safe Harbor for Punitive Damages
When Massachusetts issued its data security regulations in 2009 (Regulations), it led the way for states on data security. The Regulations became effective 12 years ago, almost to the day, March 1, 2010. The Bay State is now contemplating comprehensive privacy legislation, the Massachusetts Information Privacy and Security Act (MIPSA), similar to what has been
Top 10 for 2022 – Happy Data Privacy Day!
In honor of Data Privacy Day, we provide the following “Top 10 for 2022.” While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2022.
- State Consumer Privacy Law Developments
On January 1, 2020, the CCPA ushered into the U.S. a range of new rights for
California Consumer Privacy Act, California Privacy Rights Act FAQs for Covered Businesses
The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a consumer’s personal information and provides consumers new and expansive rights with respect to their personal information.
Less than one
Does Your Cyber Insurance Policy Look More Like Health Insurance?
Over the past several years, if your organization experienced a cyberattack, such as ransomware or a diversion of funds due to a business email compromise (BEC), and you had cyber insurance, you likely were very thankful. However, if you are renewing that policy (or in the cyber insurance market for the first time), you are
CCPA at the Two-Year Mark
The CCPA has reached the two-year mark. This is a good time for businesses to review the success of their compliance programs, recalibrate for the CCPA’s third year, and gear up for the CPRA’s January 1, 2023 effective date.
Here are a few suggestions:
- Privacy Policies. The CCPA requires a business to update the
Ohio Introduces CCPA-like Consumer Privacy Bill
Consumer privacy issues are as a hot as ever, and on the radar of the state and federal legislature alike. Following in the footsteps of California, and most recently Virginia and Colorado, Ohio introduced a comprehensive consumer privacy bill, the Ohio Personal Privacy Act (the “Act”). By introducing the Act, Ohio follows the growing nation-wide
As Facial Recognition Technology Surges, Organizations Face Privacy and Cybersecurity Concerns, and Fraud
Facial recognition technology has become increasingly popular in recent years in the employment and consumer space (e.g. employee access, passport check-in systems, payments on smartphones), and in particular during the COVID-19 pandemic. As the need arose to screen persons entering a facility for symptoms of the virus, including temperature, thermal cameras, kiosks, and other devices