CyberAdviser

Insights from the frontlines of privacy and data security law

Blog Authors

AB C DEFG HIJ K L MNO PQR S TUVWXYZ

Stephanie I. Awanyai

David L. Axelrod

Latest from CyberAdviser

CyberAdviser

California Department of Justice Proposes Third Set of Amendments to CCPA Regulations

By Philip N. Yannella & Katie Morehead

October 14, 2020

The Regulations to the California Consumer Privacy Act (CCPA) continue to evolve, in confusing fashion. As background, the AG’s Office had previously issued proposed Regulations to the CCPA in October 2019. The AG’s Office then issued a revised set of proposed amendments to the Regulations in February 2020 and then again in March 2020. While most of the regulations were made effective on August 14, 2020, the California Department of Justice withdrew four (4) sections…

CyberAdviser

FinCEN and OFAC Advisories Aim to Increase Cybersecurity Awareness and Thwart Ransomware Attacks in the Financial Sector

By Philip N. Yannella, Ada B. Okafor & Andrew N. D'Aversa

October 7, 2020

October is National Cybersecurity Awareness Month, and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) and Office of Foreign Assets Control (“OFAC”) kicked off the month by issuing two advisories that aim to increase cybersecurity awareness, assist financial institutions in detecting and reporting ransomware activity, and highlight potential sanctions risks for facilitating ransomware payments. The FinCEN and OFAC advisories signal the seriousness with which the Department of Treasury treats the threat…

CyberAdviser

CCPA Amendments Signed into Law

By Kim Phan

October 6, 2020

Last week, California Governor Gavin Newsom signed into law two amendments to the California Consumer Privacy Act (CCPA) that would impact various CCPA exemptions. One amendment, A.B. 1281 would extend two exemptions that were set to expire later this year: the employee exemption and the business (B2B) exemption. Both of these exemptions will now remain in effect until at least January 1, 2022. The other amendment, A.B. 713, would clarify the exemption relating to de-identified personal…

CyberAdviser

HHS Announces Eight HIPAA Settlements

By Edward I. Leeds & Paige A. Haughton

October 2, 2020

Following a very quiet start to HIPAA settlement activity in 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced eight settlements with covered entities and business associates. The most recent of these announcements involves the second-largest HIPAA settlement amount in OCR’s history, amounting to $6.85 million. This settlement with Premera Blue Cross (PBC) pertains to an incident that occurred in May 2014 when hackers installed malware…

CyberAdviser

Washington’s Latest Effort at Passing a Comprehensive Privacy Act

By Philip N. Yannella & Sarah B. Dannecker

September 29, 2020

On September 9, 2020, Washington Senator Reuven Carlyle, D-Seattle, announced via Twitter that the third version of the draft Washington Privacy Act 2021 (“WPA”) was available for public review and comment. The recently released version of the WPA is the latest attempt by the Washington legislature to pass a comprehensive privacy bill. An earlier 2020 version failed to pass Washington’s House of Representatives due to disagreement over whether the act should contain a private right…

CyberAdviser

FTC Holds Workshop on Data Portability

By Kim Phan & Katie Morehead

September 29, 2020

On September 22nd, the Federal Trade Commission (FTC) hosted an event, “Data To Go: An FTC Workshop on Data Portability,” to examine the potential benefits and challenges to consumers and competition raised by data portability. Data portability means giving consumers the ability to receive a copy of their data for their own use or and move the data to another entity or service. The workshop did not focus on any specific policy proposals…

CyberAdviser

Subscription Service Agrees to Pay $10 Million for Automatic Renewal Law Violations

By Philip N. Yannella & Katie Morehead

September 22, 2020

Earlier this month, the Federal Trade Commission (FTC) announced a $10 million settlement with the online learning company ABCmouse for allegedly violating the FTC Act as well as the Restore Online Shoppers’ Confidence Act (ROSCA). The FTC Act prohibits unfair or deceptive acts or practices in or affective commerce. ROSCA makes it illegal to automatically charge consumer for products sold online unless the seller clearly discloses the material terms of the transaction before obtaining the…

CyberAdviser

Digital Assets in Estate Planning: Cybersecurity Concerns and Considerations

By Philip N. Yannella & Priscilla G. Osei-Bonsu

September 14, 2020

With the rise of the digital world, many estate planning clients have accumulated large collections of “digital assets” that are stored online. In its simplest form, a “digital asset” is a non-physical asset that exists online in electronic format. Most clients preserve digital assets either for their sentimental value or their financial value. Examples of digital assets which are preserved for their sentimental value include digital photos, music, movies, eBooks, information and documents stored on…

CyberAdviser

HHS Issues HIPAA Guidance on Contacting Survivors of COVID-19 About Plasma Donation

By Edward I. Leeds & G'Nece Jones

August 28, 2020

The Office of Civil Rights of the U.S. Department of Health and Human Services has issued guidance clarifying how HIPAA’s Privacy Rule permits covered entities (in particular, health care providers and health plans) or their business associates to contact former COVID-19 patients about plasma donation to treat or potentially treat patients. The guidance follows the FDA’s approval of blood plasma with COVID-19 antibodies to treat current COVID-19 patients. The guidance observes that covered entities under…

CyberAdviser

Facebook BIPA Class Settlement Receives Preliminary Approval

By Gregory P. Szewczyk & Christopher Byer

August 20, 2020

On August 19, 2020, the United States District Court for the Northern District of California granted preliminary approval of the class action settlement in In re Facebook Biometric Information Privacy Litigation, 3:15-cv-03747-JD. If the settlement receives final approval, Facebook would pay $650 million to Illinois class members as compensation for violations of the Illinois Biometric Information Privacy Act (“BIPA”)—a $100 million increase from the settlement proposal that the District Court denied earlier this year. The…

CyberAdviser

Insights from the frontlines of privacy and data security law

Blog Authors

California Department of Justice Proposes Third Set of Amendments to CCPA Regulations

FinCEN and OFAC Advisories Aim to Increase Cybersecurity Awareness and Thwart Ransomware Attacks in the Financial Sector

CCPA Amendments Signed into Law

HHS Announces Eight HIPAA Settlements

Washington’s Latest Effort at Passing a Comprehensive Privacy Act

FTC Holds Workshop on Data Portability

Subscription Service Agrees to Pay $10 Million for Automatic Renewal Law Violations

Digital Assets in Estate Planning: Cybersecurity Concerns and Considerations

HHS Issues HIPAA Guidance on Contacting Survivors of COVID-19 About Plasma Donation

Facebook BIPA Class Settlement Receives Preliminary Approval

Stay Connected

Company

Products

Support

New to the Network