Privacy Law Blog

Blog Authors

AB C DEF G HIJ K L M N O P Q R S TUVWXY Z

Om V. Alladi

Michelle E. Arnold

Vanessa P. Avello

Latest from Privacy Law Blog

Privacy Law Blog

CCPA Legislative Round-Up: Winners and Losers

By Christina Kroll & Divya Taneja on September 18, 2019

Businesses and California consumers are one step closer to understanding what their respective obligations and rights are under the California Consumer Privacy Act of 2018 (the “CCPA”). The CCPA is California’s landmark legislation that seeks to give California consumers the rights to learn about and control certain aspects of how a business handles the personal information that a business collects about them. It achieves this by requiring businesses to implement certain measures that enable consumers…

Privacy Law Blog

The New SHIELD Act Changes Breach Notification Rules and Data Security Standards for New Yorkers’ Personal Information

By Ellen Moskowitz & Elizabeth (Betsy) Rosen on August 21, 2019

Reflecting the movement to toughen data security laws on a state-by-state basis, on July 25, 2019, Governor Cuomo signed into law the Stop Hacks and Improve Electronic Data Security Act (the “SHIELD Act” or the “Act”). The Act amends New York State’s current data breach notification law, which covers breaches of certain personally-identifiable computerized data (referred to in the New York breach law as “Private Information”). The Act also breaks new ground by imposing substantive…

Privacy Law Blog

ICO Issues First Intentions to Fine Under the GDPR

By Kelly McMullon on July 25, 2019

GDPR fines are seemingly like buses, you wait over a year for enforcement action by the UK’s data supervisory authority, the ICO, and then two come along at once – and with quite dramatic effect.…

Privacy Law Blog

Amid a Spate of Activity, COPPA Remains an FTC Enforcement Priority

By Bonnie Yeomans, Stephanie Kapinos & Kevin Milewski on May 20, 2019

Earlier this month, the FTC sent a letter to Wildec, LLC, the Ukraine-based maker of several mobile dating apps, alleging that the apps were collecting the personal information and location data of users under the age of 13 without first obtaining verifiable parental consent or otherwise complying with the Children’s Online Privacy Protection Act (COPPA). The letter pressed the operator to delete personal information on children (and thereafter comply with COPPA and obtain parental consent…

Privacy Law Blog

CCPA: The California Senate is Not Ready to Expand the Consumer Right of Action

By Christina Kroll on May 17, 2019

Senate Bill 561’s smooth sail through the California legislature came to an end on Thursday, May 16. On the eve of the deadline for all fiscal committees to hear and report on the bills introduced in their house, the Senate Appropriations committee decided to hold the bill. Meaning, SB 561 will not pass out of the Senate this session. Notably, the controversial bill was a proposed CCPA amendment that threatened to expand the Act’s private…

Privacy Law Blog

French DPA Issues Robust Model Regulation for Biometric Access Controls in the Workplace

By Laura E. Goldsmith & Mathilde Pepin on April 24, 2019

In late March, the French Data Protection Authority, Commission Nationale de l’Informatique et des Libertés (“CNIL”) released a model regulation (the “Model Regulation”) governing the use of biometric access controls in the workplace. Unlike many items of personal information, biometric data (such as a person’s face or fingerprints) is unique and, if stolen or otherwise compromised, cannot be changed to avoid misuse. Under Article 9 of the GDPR, biometric data collected “for the purpose of…

Privacy Law Blog

The European Parliament Approves EU-Wide Standard for Whistleblower Protection

By Erika C. Collins, Daniel Ornstein, Lloyd B. Chinn, Pinchos Goldberg & Vanessa P. Avello on April 18, 2019

Per our previous post, the European Parliament and the Member States agreed to adopt new rules that would set the standard for protecting whistleblowers across the EU from dismissal, demotion, and other forms of retaliation when they report breaches of various areas of EU law. According to a press release issued by the European Parliament on April 16, 2019, the Parliament approved these changes by an overwhelming majority. The new rules require that employers…

Privacy Law Blog

With Regulators Increasing Focus on Spam Robocalls, Arkansas Follows Others States in Passing Anti-Spoofing Privacy Law

By Laura E. Goldsmith on April 8, 2019

Unwanted robocalls reportedly totaled 26.3 billion calls in 2018, sparking more and more consumer complaints to the FCC and FTC and increased legislative and regulatory activity to combat the practice. Some automated calls are beneficial, such as school closing announcements, bank fraud warnings, and medical notifications, and some caller ID spoofing is justified, such as certain law enforcement or investigatory purposes and domestic violence shelter use. However, consumers have been inundated with spam calls –…

Privacy Law Blog

In Groundbreaking Settlements, Attorneys General Find Fake Social Media Engagement Illegal

By Tiffany Quach & Alexa Meera Singh on April 1, 2019

On January 30, 2019, the Office of the New York Attorney General (“NY AG”) and the Office of the Florida Attorney General (“Florida AG”) announced settlements with Devumi LLC and its offshoot companies (“Devumi”), which sold fake social media engagement, such as followers, likes and views, on various social media platforms. According to the NY AG, such social media engagement is fake in that “it purports to reflect the activity and authentic favor of actual…

Privacy Law Blog

EU Agrees to Set the Floor for Whistleblower Protection Across All Member States

By Erika C. Collins, Daniel Ornstein, Lloyd B. Chinn & Vanessa P. Avello on March 12, 2019

According to a press release issued by the European Commission today, the European Parliament and the Member States have agreed to adopt new rules that set the standard for protecting individuals who blow the whistle on breaches of EU law from dismissal, demotion, and other forms of retaliation. This reform, which was first proposed by the European Commission in April 2018, seeks to replace the patchwork of whistleblower protections that currently exist across the Member…

Privacy Law Blog

Blog Authors

CCPA Legislative Round-Up: Winners and Losers

The New SHIELD Act Changes Breach Notification Rules and Data Security Standards for New Yorkers’ Personal Information

ICO Issues First Intentions to Fine Under the GDPR

Amid a Spate of Activity, COPPA Remains an FTC Enforcement Priority

CCPA: The California Senate is Not Ready to Expand the Consumer Right of Action

French DPA Issues Robust Model Regulation for Biometric Access Controls in the Workplace

The European Parliament Approves EU-Wide Standard for Whistleblower Protection

With Regulators Increasing Focus on Spam Robocalls, Arkansas Follows Others States in Passing Anti-Spoofing Privacy Law

In Groundbreaking Settlements, Attorneys General Find Fake Social Media Engagement Illegal

EU Agrees to Set the Floor for Whistleblower Protection Across All Member States

Company

Support

New to the Network