Class action litigation has exploded in cases involving violations of Illinois’ Biometric Information Privacy Act (“BIPA”). Less known and litigated is Illinois’s Genetic Information Privacy Act (“GIPA”) – enacted in 1998. But recent trends may portend an increase in GIPA filings
Eye On Privacy
Timely Updates and Analysis on Privacy and Cybersecurity Issues
Latest from Eye On Privacy
NIST Expands Cybersecurity Framework with Release of Version 2.0
In its first major overhaul since 2014, the National Institute of Standards and Technology (NIST) updated its Cybersecurity Framework (CSF) on February 26, 2024. The updated 27-page CSF version 2.0 builds on version 1.1 and provides guidance to industry, government…
DPA 101: Do You Know Where Your Data Is?
As more and more states enact laws that mirror aspects of GDPR, and as companies begin to get used to the EU’s new standard contractual clauses, now may be a good opportunity for a refresh on data sharing agreements. As…
AI-Generated Voice Calls: New Tech, Old Rules
The FCC reminded companies this month that calls containing “artificial or prerecorded voices” are regulated by TCPA. And, that the FCC considers AI-generated voices to be just the kind of “artificial” that fall within the TCPA’s regulations. This announcement was…
EDPB Provides Guidance on Determining Primary Supervisory Authority
This month the EDPB shed light on the question of lead supervisory authorities. The issue arose in response to a question late last month from the French supervisory authority. Some background. As most international organizations are aware, GDPR provides for…
UK ICO Uses AI In Cookie Banner Review
The UK Information Commissioner’s Office recently reported that it is continuing its review of website cookie banners. It had expressed concern late last year that these banners were not giving “fair choices” because they did not make it as easy for…
California AG Turns on CCPA Investigation of Streaming Services
To close out Data Privacy Week, California Attorney General Rob Bonta announced a new investigative sweep probing streaming apps’ and devices’ compliance with the California Consumer Privacy Act (CCPA).…
The Garden State Cultivates a Consumer Privacy Law – The First for 2024
New Jersey’s governor has signed into law the first US state comprehensive privacy law of 2024. It will go into effect January 16, 2025. For those keeping score, that puts New Jersey after Florida, Oregon, Texas (all July 1, 2024),…
Privacy Day 2024: A Look Back at Developments from 2023
From the expansion of “general privacy” laws in US states and concerns over cross-border data transfers, to global focus on artificial intelligence, surveillance and dark patterns, 2023 was a busy year. Our privacy team tracked these developments and more during…
Defense Department Outlines Its Future Cybersecurity Program
The Department of Defense published a much-anticipated Proposed Rule at the end of last year for its Cybersecurity Maturity Model Certification program. The proposed rule is our first comprehensive look at the latest iteration of the CMMC program (referred to…