General counsel who navigate the mishmash of state privacy laws may relate to a new study showing that individual U.S. states' privacy statutes are spread across a broad spectrum.
November 01, 2019Sue Reisinger
Part One of a Two-Part Article The California Consumer Privacy Act (CCPA) is a comprehensive new consumer protection law set to take effect on Jan. 1, 2020. In the wake of the CCPA's passage, approximately 15 other states introduced their own CCPA-like privacy legislation, and similar proposals are being considered at the federal level. Part One of this article covers how the CCPA applies to businesses — both in and outside California, the revenue threshold, proposed amendments and other open issues.
November 01, 2019Alan L. FrielPart One of a Two-Part Article Responses to questions businesses frequently ask about the impacts of the CCPA. Implementation challenges inevitably will arise as a company works to apply these new requirements to its business practices. The time is now to start preparing for the CCPA, as well as for other new U.S. privacy laws that are likely to follow.
October 01, 2019Alan L. FrielIncluding a managed document review vendor in your incident response plan is critical.
October 01, 2019Andrew GoodmanIn Its Motion To Dismiss, Marriott Insisted the Breach Caused No Harm to Its Guests and Attached a Declaration By a Former Government Official Who Wrote: "A U.S. Passport Is Virtually Impossible to Forge Successfully." Marriott is insisting that last year's cyberattack did no harm to its hotel guests, not least of which because hackers cannot use stolen passport numbers.
October 01, 2019Amanda BronstadWhile legislation to enhance data privacy rights and obligations continue to make headlines, regulators and legislators are also stepping up their cybersecurity expectations. In the first half of 2019, a number of states have updated their existing data breach notification laws and passed new cybersecurity requirements.
August 01, 2019Michael Bahar, Sarah Paul, Mary Jane Wilson-Bilik and Ali JessaniBring Your Own Device is one of the biggest compliance-related issues companies face today, and when it comes to security risks, law firms are prime targets. Considering law firms are built on their reputation, firms must make every assurance that the technology they use will protect their data.
August 01, 2019Gevorg KarapetyanDefines Data Breach and Requires Data Security Controls
New York has brought itself into line with a number of states concerning how they define a data breach, and, where applicable, what substantive security controls they require.
August 01, 2019F. Paul GreeneWebsites with embedded Facebook “like” buttons must inform users their data will be collected and processed by the social media giant, the Court of Justice of the European Union has ruled.
August 01, 2019Caroline SpiezioFor businesses that own such a device, or for individual employees who might have a personally owned one on their office desk, the question of who owns any recorded data remains murky.
August 01, 2019Brian Schrader
