Earlier today, the Illinois Supreme Court handed down a significant decision concerning the ability of individuals to bring suit under the Illinois Biometric Information Privacy Act (BIPA). In short, individuals need not allege actual injury or adverse effect, beyond a violation of his/her rights under BIPA, in order to qualify as an “aggrieved” person and
New Mexico Enacts Data Breach Notification Act
On April 6, 2017, New Mexico Governor Susana Martinez signed HB 15, making New Mexico the 48th state to enact a data breach notification law. The law has an effective date of June 16, 2017 and follows the same general structure of many of the breach notification laws in other states.
Importantly, the definition of
Illinois Enacts Amendments to the Personal Information Protection Act
Last month, Illinois Governor Bruce Rauner signed into law a number of amendments to the State’s Personal Information Protection Act (“PIPA”) that expand the definition of protected personal information and increase certain data breach notification requirements. The amendments, highlighted below, take effect January 1, 2017.
Currently, “personal information” is limited to an individual’s first name
Illinois Attorney General Seeks Stronger Data Breach Notification Law, Requirement to Safeguard Personal Information
Reacting to a report that identity theft was a top concern for Illinois residents (second in a list of ten), Attorney General Lisa Madigan announced a legislative proposal to strengthen the state’s existing data breach notification law. The call for stronger breach notification laws is a trend that has emerged in other states, such as
Illinois Next in Prohibiting Employers from Demanding Social Media Passwords?
Illinois next in the line of states seeking to prohibit employers from asking employees and applicants for their Facebook and other social media passwords.
Continue Reading Illinois Next in Prohibiting Employers from Demanding Social Media Passwords?
Maryland and Illinois Seek to Protect Employee Social Media Activity
Have you ever reviewed the Facebook or LinkedIn profile or other social media activity of an employee or applicant? How about requiring employees or applicants to provide access to social media activity as a condition of employment.
Continue Reading Maryland and Illinois Seek to Protect Employee Social Media Activity
Don’t Mess With Texas–Amended Law Imposes Breach Notification Obligations In All 50 States
In a novel approach to data breach notification requirements, Texas has amended its breach notification law (Business & Commerce Code, Section 521.053) to require notification to residents of not only Texas, but to residents of each of the 50 states. The amendment becomes effective September 1, 2012, and applies to “all persons who conduct business
Illinois Amends Its Data Breach Notification Law and Adds Data Disposal Mandate
Illinois amends its breach notification law and adds a data disposal mandate.
Continue Reading Illinois Amends Its Data Breach Notification Law and Adds Data Disposal Mandate
Maryland Restricts Employer Use of Credit History Information
On April 12, 2011, Maryland Governor Martin O’Malley signed into law S.B. 132/H.B. 87. Under this law, Maryland employers, except in limited circumstances, are prohibited from using an individual’s consumer credit history for hiring or other employment purposes. 
Beginning October 1, 2011, employers are prohibited from using credit report data to deny employment, discharge an
State Law Developments for Credit and Criminal Background Checks
Recent state law developments will affect whether and to what extent certain employers can conduct credit and criminal background checks on employees and applicants. Employers, particularly multi-state employers, should be sure to review these new requirements and adjust their practices accordingly.
Massachusetts
The Commonwealth has changed how employers access and use criminal offender record information