Last December, the Department of Defense (“DoD”) published its proposed rule setting forth cybersecurity requirements for defense contractors and subcontractors. These requirements are designated with a particular Cybersecurity Maturity Model Certification (CMMC) level that is associated with the contractor’s
Taft Privacy & Data Security Insights
Updates and analysis from Taft Privacy and Data Security attorneys
Blog Authors
Latest from Taft Privacy & Data Security Insights
California Delivers to DoorDash $375,000 Civil Penalty: California AG Announces Second CCPA Settlement
On Wednesday, February 21, 2024, California Attorney General Rob Bonta announced that his office reached a settlement with DoorDash, which addresses allegations that the company facilitated several violations of both the California Consumer Privacy Act (CCPA) and the California Online…
Children’s Online Privacy Protection Act Update: Part Deux! New FTC Rulemaking Proposal
As we discussed last year, the Federal Trade Commission (FTC) has increased its focus and its enforcement related to the Children’s Online Privacy Protection Act (COPPA), especially in the educational context. Now the FTC is taking further steps to…
California Appeals Court Holds CPRA’s Implementing Rules Are Immediately Enforceable
Late last week, the California Third District Court of Appeal (the “Court”) overturned a lower court decision delaying the enforcement of amended privacy regulations. On Friday, February 9, 2024, the Court held that the California Privacy Protection Agency (the…
Navigating FCC’s Latest Rules: A Quick Guide to Compliance with new TCPA Regulations
In late 2023, the Federal Communication Commission (FCC) adopted significant changes to its Telephone Consumer Protection Act (TCPA) regulations. The purpose of the changes was to address escalating consumer threats caused by scam robocalls and robotexts.
The FCC created new…
The Garden State Joins the Privacy Party – New Jersey Becomes the Latest State to Adopt a Comprehensive Data Privacy Law
Webinar: 10 Privacy and Security Resolutions in the New Year
Tuesday, Jan. 30, 2024
11 a.m. – 12 p.m. ET
You read the news every day and maybe even receive notices yourself: data security and privacy compliance is a growing area of concern and risk for businesses. With security incidents…
OCR Doubles Down: Two Settlements in Two Months for Two Common Cybersecurity Issues
On Dec. 7, 2023, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR), announced a settlement with a Louisiana medical group specializing in emergency medicine, occupational medicine, and laboratory testing. The settlement resolves an investigation following…
Breaking Down India’s Digital Personal Data Protection Act, 2023
In August, India passed its long-awaited Digital Personal Data Protection Act, 2023 (“the Act”). Initially introduced in 2019, the draft bill went through several iterations before being approved by India’s Union Cabinet earlier this year. Although the Act shares many…
Snap Receives Preliminary Enforcement Notice Related to Privacy Risks Posed by AI Chatbot
On October 6, 2023, Snap Inc. and Snap Group Ltd. (collectively, “Snap”) received a preliminary enforcement notice from the U.K. Information Commissioner’s Office (ICO) due to a potential failure to properly assess the privacy risks posed by its generative AI…