Correction to the original article: First American Title Insurance Company is not associated or involved with the March 3, 2021 consent decree between Residential Mortgage and New York Department of Financial Services. In early March, the New York State Department of Financial Services (“DFS”) entered into a consent order requiring Residential Mortgage Company to pay $1.5 million for failing to comply with Cybersecurity Regulation, Part 500 of Title 23 of the New York Code.  The…

After advancing steadily in their respective legislatures the first few months of 2021, the Oklahoma Computer Data Privacy Act has seemingly died, and the Washington Privacy Act may run into similar roadblocks it faced in prior years. After passing the Oklahoma House in early March, the Oklahoma bill grinded to a halt the first week of April after Oklahoma Senate Majority Leader refused to allow the bill to have a hearing, as confirmed in tweets…

A new privacy bill is gaining steam in the Oklahoma legislature. On March 4, the Oklahoma Computer Data Privacy Act (HB 1602) passed the state House of Representatives by a vote of 85-11.  If enacted in its current form, the bill would take effect on January 1, 2023, at the same as the California Privacy Rights Act and the Virginia Consumer Data Protection Act.…

We congratulate our friend and colleague Lydia de la Torre on her appointment to the inaugural board for the California Privacy Protection Agency.  “Californians deserve to have their data protected and the individuals appointed today will bring their expertise in technology, privacy and consumer rights to advance that goal,” said Governor Newsom. “These appointees [including Lydia] represent a new day in online consumer protection and business accountability.” In 2018, California became the first state in the…

Security & Privacy Bytes and our sister blog, Consumer Privacy World have been covering developments concerning the California Consumer Privacy Act of 2018 (“CCPA”).  As we discussed the end of last year, on December 10, 2020, the California Attorney General proposed some modifications to the regulations implementing the CCPA.  These were published in response to comments received by the AG following publication of the previous set of proposed CCPA modifications on October 12, 2020.  The…

The Florida state legislature is considering a sweeping data privacy bill introduced by Governor Ron DeSantis in February.  House Bill 969 is the latest state provision to follow in the footsteps of the California Consumer Privacy Act (“CCPA”), the California Privacy Rights Act and the Virginia Consumer Data Protection Act, in giving consumers greater control over how their personal information is used while imposing greater restrictions on companies’ use of that data.…

Among the challenges presented by the increasing number of state privacy laws are identifying how consumer rights differ under each of the various laws and operationalizing a workflow for responding to rights requests that ensures compliance with each.  In this post, we will focus on consumers’ “right to delete” under the California Consumer Privacy Act (the “CCPA”), the California Privacy Rights Act, which amends and will essentially replace the CCPA on January 1, 2023 (the…