The passage of the California Consumer Privacy Act (CCPA) was a seismic event in U.S. data privacy law. CCPA has an expansive, rights-based approach to privacy, with national and international ramifications.
What do pumpkin spice lattes and National Cybersecurity Awareness Month have in common? Not much, other than both should be top of mind in October, but that doesn’t mean that it’s wrong to think about them both in August.
Held every October, National Cybersecurity Awareness Month is a collaborative effort between government and industry to ensure every American has the resources they need to stay safe and secure online while increasing the resilience of the Nation against cyber threats. … More
Partner Colin Zick will speak at the “A Day at the Breach: Cybersecurity and Privacy for Your Business” event in Boston on August 14, 2019.
Inadequate Cybersecurity processes can bring business operations to a halt, and cost thousands of dollars in litigation and lost revenue. This networking program will feature an expert panel discussion on recent trends in Cybersecurity and Privacy issues and best practices.… More
The California Consumer Privacy Act (“CCPA”) is expected to become operative on January 1, 2020 and will usher in a new era of data privacy for consumers across the United States. The CCPA establishes various rights for individuals, most notably the right to know about the collection, sale, and disclosure of their personal information, the right to opt-out of the sale of their personal information, and – the subject of today’s post – a limited right to request that their personal information be deleted.… More
The EU Commission issued today a “Communication to the European Parliament and the Council” which is entitled “Data protection rules as a trust enabler in the EU and beyond- taking stock”, which outlines the current state of EU data protection, with particular focus on the impact of GDPR.
- The implementation of GDPR in the EU
The Commission notes that all EU Member States have updated their national data protection laws except for three (Greece,… More
Local governments may not be in the headlines as much as their state and federal counterparts, but last week saw local governments getting their turn on the news. In politics, the Democratic presidential primary debates saw a total of 6 current or former mayors take the stage. (Free trivia fact: By comparison, only 3 presidents in American history have previously served as mayors!) And the City of Somerville, Massachusetts banned governmental use of facial recognition technology.… More
New York’s state legislature is considering a new data privacy law that would set the standard for data privacy in the U.S. The New York Privacy Act (the “NYPA” or the “Act”), which is currently being considered by the state Senate’s Consumer Protection Committee, would provide New York consumers with a robust set of data privacy rights, would place fiduciary duties on businesses that control and process data,… More
In early June, the Cyberspace Administration of China released for public comment new draft regulations applicable to the collection of personal information relating to children under 14 by online service providers.
The draft regulations share many of the same structures as those utilized by the Children’s Online Privacy Protection Act (“COPPA”) in the United States:
- online service operators will have to obtain parental consent based on a comprehensive disclosure about the collection,…
As Massachusetts lawmakers consider whether to legalize sports betting, professional athletes fear that their biometric data – which can be collected and analyzed as part of their training – could become a commodity in this form of gambling. Professional sports leagues say that they have no plans to make this data available for gamblers, but the use of biometric data from wearable health devices is not covered by health privacy laws.… More
A new Massachusetts law toughens reporting requirements for companies and organizations hit by data security breaches and mandates requires free credit monitoring to affected consumers. Partner Colin Zick and counsel Chris Hart recently presented a webinar for Associated Industries of Massachusetts (AIM) that provides a big picture of the data privacy legal landscape, discusses real-world impacts of the new provisions and offers guidance on other upcoming changes such as the GDPR and the California Consumer Privacy Act (CCPA).… More