Alan L. Friel
Part One of a Two-Part Article
Responses to questions businesses frequently ask about the impacts of the CCPA. Implementation challenges inevitably will arise as a company works to apply these new requirements to its business practices. The time is now to start preparing for the CCPA, as well as for other new U.S. privacy laws that are likely to follow.
Including a managed document review vendor in your incident response plan is critical.
In Its Motion To Dismiss, Marriott Insisted the Breach Caused No Harm to Its Guests and Attached a Declaration By a Former Government Official Who Wrote: “A U.S. Passport Is Virtually Impossible to Forge Successfully.”
Marriott is insisting that last year’s cyberattack did no harm to its hotel guests, not least of which because hackers cannot use stolen passport numbers.
Michael Bahar, Sarah Paul, Mary Jane Wilson-Bilik and Ali Jessani
While legislation to enhance data privacy rights and obligations continue to make headlines, regulators and legislators are also stepping up their cybersecurity expectations. In the first half of 2019, a number of states have updated their existing data breach notification laws and passed new cybersecurity requirements.
Bring Your Own Device is one of the biggest compliance-related issues companies face today, and when it comes to security risks, law firms are prime targets. Considering law firms are built on their reputation, firms must make every assurance that the technology they use will protect their data.
F. Paul Greene
Defines Data Breach and Requires Data Security Controls
New York has brought itself into line with a number of states concerning how they define a data breach, and, where applicable, what substantive security controls they require.
Websites with embedded Facebook “like” buttons must inform users their data will be collected and processed by the social media giant, the Court of Justice of the European Union has ruled.
For businesses that own such a device, or for individual employees who might have a personally owned one on their office desk, the question of who owns any recorded data remains murky.
Approximately 30 states have enacted anti-SLAPP statutes, which are intended to deter lawsuits that impede the right to free speech and other related activities. New statutory language in Texas's anti-SLAPP statute specifically protects those in the entertainment and media industries, and such explicit reference should prove comfort to content creators and publishers.
Robert J. Anello and Richard F. Albert
Although increased reliance on technology such as emails and texts has provided greater opportunity to gather evidence of criminal activity, law enforcement agencies around the world complain that encryption technologies make it difficult to catch criminals and terrorists and therefore should be restricted.