Online retailer Harriet Carter Gifts recently obtained summary judgment from the district court in a class action under Pennsylvania wiretap law. At the heart of this case is the interpretation and application of the Pennsylvania Wiretapping and Electronic Surveillance Control Act of 1978 (WESCA), a statute designed to regulate the interception of electronic communications. The
privacy
California’s Proposed Location Privacy Act: A Potential Game-Changer for Tracking Location of Individuals
Businesses that track the geolocation of individuals—whether for fleet management, sales and promotion, logistics, risk mitigation, or other reasons—should closely monitor the progress of California Assembly Bill 1355 (AB 1355), also known as the California Location Privacy Act. If passed, this bill would impose significant restrictions on the collection and use of geolocation data…
Class Certification Granted – California Website Tracking Lawsuit Reminds Businesses about Notice Risks
A California federal district court recently granted class certification in a lawsuit against a financial services company. The case involves allegations that the company’s website used third-party technology to track users’ activities without their consent, violating the California Invasion of Privacy Act (CIPA). Specifically, the plaintiffs allege that the company along with its third-party…
Firings at the US Privacy and Civil Liberties Oversight Board and Potential Impact on Transatlantic Data Transfers
President Trump recently fired the three democrats on the Privacy and Civil Liberties Oversight Board (PCLOB). Since these firings bring the Board to a sub-quorum level, they have the potential to significantly disrupt transatlantic transfers of employee and other personal data from the EU to the US under the EU-US Data Privacy Framework (DPF).
The…
California Privacy Protection Agency Advances Rulemaking on AI and Cybersecurity Audits
- Automated Decision-Making
Amendment to CCPA Would Require Consumer OptOut Elections to be Preserved Following M&A Transactions
Data privacy and security risk and compliance issues relating to exchanges of personal information during merger, acquisition, and similar transactions can sometimes be overlooked. In 2023, we summarized an enforcement action resulting in a $400,000 settlement following a data breach that affected personal information obtained during a transaction.
California aims to bolster its California…
Out of Sync: Mitigating Data Privacy and Security Risks Stemming From Data Syncing Across Devices
With organizations holding more and more data digitally, there is an increased need to ensure data remains accessible across the organization at any given time. To that end, many organizations use tools that synchronize the organization’s data across various databases, applications, cloud services, and mobile devices, which involves updating data in real-time or at scheduled…
Think About Why Fortune 500 Companies Are Citing AI Risks in Their SEC Filings
While the craze over generative AI, ChatGPT, and the fear of employees in the professions landing on breadlines in the imminent future may have subsided a bit, many concerns remain about how best to use and manage AI. Of course, these concerns are not specific to Fortune 500 companies.
A recent story in CIODive reports…
White House Publishes Steps to Protect Workers from the Risks of AI
Last year the White House weighed in on the use of artificial intelligence (AI) in businesses.
Since the executive order, several government entities including the Department of Labor have released guidance on the use of AI.
And now the White House published principles to protect workers when AI is used in the workplace.
The…
New HIPAA Final Rule Imposes Added Protections for Reproductive Health Care Privacy
On April 22, 2024, the federal Department of Health and Human Services’ Office for Civil Rights (OCR) announced a final rule enhancing privacy protections relating to reproductive health care. Specifically, the final rule amends the Privacy Rule under the Health Insurance Portability and Accountability Act (HIPAA) to, among other things, establish new limits on the…