On July 7, 2021, Governor Jared Polis signed into law the Colorado Privacy Act (CPA), making Colorado the most recent state to enact comprehensive privacy legislation. While the CPA does not take effect until July 1, 2023, it contains robust provisions that businesses will need some time to prepare for.
Category Archives: State laws
First Circuit Creates Exception to Massachusetts Wiretap Statute Based on First Amendment Rights, Allows Citizens and Press to Record Police Activity Without Permission
The First Circuit’s recent opinion in Project Veritas Action Fund v. Rollins, upheld a challenge to the Massachusetts anti-wiretap law, Mass. Gen. Laws ch. 272, § 99, carving out an exception for certain activity protected by the First Amendment. The opinion begins:
Massachusetts, like other states concerned about the threat to privacy that commercially available electronic eavesdropping devices pose,… More
California voters on Election Day passed the California Privacy Rights Act (CPRA), an update and partial overhaul to the California Consumer Privacy Act (CCPA), the landmark 2018 privacy law. The new CPRA strengthens existing privacy protections, particularly for certain categories of sensitive personal information, and creates an independent enforcement agency. However, privacy advocates like the ACLU of Northern California and the Electronic Frontier Foundation came out against or refused to support the measure,… More
The Equifax/Massachusetts Attorney General Consent Judgment: A Guide for Privacy and Security Compliance
What do businesses need to do to comply with privacy and data security laws? The first place to look is to relevant statutes. If you store or process the personal information of Massachusetts residents, then you will at least be subject to the Massachusetts Data Breach Notification Statute and related security regulations. These are important guides that require certain operational activities, such as maintaining a written information security program,… More
Editors’ Note: This is the fifth in our fourth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year. Our previous entry discussed the CCPA, energy, Brexit, and health privacy. Next up: trends in GDPR enforcement.
Out of all governmental agencies, state attorneys general are likely to have the greatest impact on privacy enforcement in 2020 for the average business. … More
On January 10, 2019, Massachusetts Governor Charlie Baker signed a new law that amends its data breach reporting law, and requires credit reporting agencies such as Equifax to provide a free credit freeze to consumers. The new law, “An Act Relative to Consumer Protection from Security Breaches,” also requires companies to offer up to three years of free credit monitoring to victims of a security breach,… More
Cybersecurity 2019 — The Year in Preview: New Attorneys General and Trends in State Data Privacy Laws
Editors’ Note: This is the third in our third annual end-of-year series examining important trends in data privacy and cybersecurity during the coming year. Our previous entries were on comparing the GDPR with COPPA and on energy and security. Up next: emerging threats.
Whether it was a Blue Wave or a “Big Victory,” the midterm elections unequivocally transformed state regulatory and enforcement landscapes by sweeping in four new Democratic Attorneys General and earning Democrats a majority of those key policymaking positions. … More