Privacy

Florida lawmakers have introduced companion bills in the Florida House (HB 963) and Senate (SB 1670) that would create limited online privacy rights and obligations in the state. The legislation appears to be very similar to the Nevada Online Privacy Protection Act, which was amended last year to add a right to opt-out of sales of covered information.

On Data Privacy Day last month, Gibson Dunn released the eighth edition of its United States Cybersecurity and Data Privacy Outlook and Review. The report details trends that the privacy industry saw in 2019 from a legislative, regulatory and judicial perspective.

Cybersecurity Law & Strategy partnered with our ALM sibling Legaltech News to ask cybersecurity and e-discovery experts what they thought the key trends were in 2019 and what they expect to see in 2020.

Rather than trying to institute changes to comply with every new privacy law as it emerges, a better approach is to view data privacy as an overall framework and adopt a holistic response to compliance with the built-in flexibility to constantly adapt to an ever-changing legal landscape.

Although no company was hit with the maximum GDPR fine of 4% of the company's worldwide annual revenue, GDPR fines issued in 2019 were still a force to be reckoned with.

Part Two of a Two-Part Article

All companies face cybersecurity threats, but the legalized cannabis industry's storage of personally identifiable information and reliance on seed-to-sale tracking software can place it firmly within hackers' crosshairs.

The BIPA compliance lag has led companies using or collecting biometric information to consider how far back their liability may extend. The Illinois General Assembly, however, did not include an explicit statute of limitations period in BIPA. As a result, the statute of limitations has become one of BIPA's primary battlegrounds as litigants argue about potential class sizes and damages awards.