The Firewall

Emerging Issues in Privacy and Cybersecurity Law

California Legislative Sessions Closes and Brings Finality to CCPA Amendments for Now

By Ashley R. Fickel on September 17, 2019

After a busy year of legislative activity that brought forth many proposed amendments to the California Consumer Privacy Act (CCPA), Governor Gavin Newsom will be presented with six bills that will alter and/or clarify the scope of the CCPA. He is expected to sign all of them into law in October. Employee Data: The original version of the CCPA did not contain an exemption for employees’ personal information. Assembly Bill 25 brings needed clarity to…

The Firewall

DHHS Issues Proposed Rule Amending 42 CFR Part 2

By Kathrin E. Kudner & Kathleen A. Reed on September 12, 2019

On August 22, 2019, the Substance Abuse and Mental Health Services Administration of the United States Department of Health and Human Services (“SAMHSA”) issued a proposed rule amending the Confidentiality of Substance Use Disorder Patient Records regulations set forth at 24 CFR Part 2. These regulations were initially implemented to provide heightened protection of patient records covering the treatment of substance use disorder (“SUD”) provided by certain federally funded programs (“Part 2 programs”). The proposed…

The Firewall

Delta Airlines Sues Vendor for Data Breach

By Sean C. Griffin & Sarah S. Hazimi on September 4, 2019

Following a security incident involving its website’s chat function, Delta filed suit in the Southern District of New York against its tech vendor, [24]7.ai. Delta alleged fraud, negligence and breach of contract. A consumer class action lawsuit had already been filed against Delta in the Northern District of Georgia, related to the same incident. According to the Complaint, on March 28, 2018, Delta was notified by [24]7.ai that a security incident had potentially compromised personally…

The Firewall

February 27, 2019, CCPA Webinar Q&As: Private Claims Under the CCPA

By Lukas Sosnicki & Ashley R. Fickel on July 26, 2019

This blog post is the third in a series of Q&A posts following Dykema’s February 27, 2019 webinar on the California Consumer Privacy Act (“CCPA”). The statute takes effect on January 1, 2020–which is less than six months away. Please feel free to reach out to us if you have a unique question or would like to discuss in detail how the CCPA may apply to you. You may see our first and second posts…

The Firewall

New York Data-Privacy Proposal More Stringent than California’s CCPA

By Lukas Sosnicki & Ashley R. Fickel on July 1, 2019

Over the last few months, we have been presenting and reporting on the California Consumer Privacy Act (CCPA), the county’s first comprehensive state law designed to give consumers significant control over the personal data that companies collect. Not to be outdone, New York is working on data privacy legislation that imposes even heavier burdens on companies that collect consumer information. The proposed New York Privacy Act (NYPA), Senate Bill S5642, sponsored by Democrat Kevin Thomas,…

The Firewall

CCPA Watch: Proposed Sweeping Overhaul Withdrawn, Three Amendments Providing Key Clarifications Remain Pending

By Ashley R. Fickel & Lukas Sosnicki on May 8, 2019

April was another busy month for legislative activity on the California Consumer Privacy Act (CCPA), following a very busy February [see our prior post here]. A proposed sweeping revision to the CCPA, AB 1760, was withdrawn, while three key amendments, AB 25, AB 873, and AB 874, are up for a floor vote. Meanwhile, SB 561, which greatly expands the private right of action under the CCPA, is now in the Senate Appropriations…

The Firewall

Utah Sets Limits on Law Enforcement’s Ability to Gather Individuals’ Electronically Transmitted Data

By Sean C. Griffin on May 3, 2019

Utah enacted a sweeping data privacy law that affects how employers and corporations respond to police demands for data. With this new law, Utah becomes the first state to protect electronic information individuals disclose to third parties. Utah’s law requires a search warrant for a law enforcement agency conducting a criminal investigation or prosecution to obtain (i) location information, stored data, or transmitted data of an electronic device or (ii) electronic information or data transmitted…

The Firewall

Arbitration Clauses & BIPA: The Broader the Better

By Heather L. Kramer on April 15, 2019

After the Illinois Supreme Court’s decision in January holding that a plaintiff need not show actual harm to be an “aggrieved person” under the Illinois Biometric Information Privacy Act (“BIPA”), parties litigating under BIPA have been testing other defenses. One of those defenses is whether BIPA matters can be compelled to arbitration pursuant to an arbitration provision set forth in the parties’ agreement. On Tuesday, April 9, the First District Appellate Court of Illinois issued…

The Firewall

February 27, 2019 CCPA Webinar Q&As: Third-Parties & Due Diligence

By Ashley S.A. Jackson, Ashley R. Fickel & Lukas Sosnicki on April 12, 2019

This blog post is the second in a series of Q&A posts following Dykema’s February 27, 2019 webinar on the California Consumer Privacy Act (“CCPA”). We received questions both before and during the webinar, and over the coming weeks we will be posting our responses. We will answer the most commonly-asked questions first, so please stay tuned if you don’t see your question in our first few posts. And, of course, please feel free to…

The Firewall

Is the Illinois Legislature Rethinking BIPA?

By Rosa M. Tumialán on March 26, 2019

Data privacy litigation is not a new frontier. The Illinois Biometric Information Privacy Act (“BIPA”) has provided a private right of action for the improper collection of biometric information from Illinois citizens without consent since 2008. Even so, employers and businesses alike were caught off-guard when plaintiffs began filing class actions complaints alleging BIPA violations in 2015. Defendants scored early victories in these cases, as evidenced in the Second District Appellate Court opinion finding that…

The Firewall

Emerging Issues in Privacy and Cybersecurity Law

Blog Authors

California Legislative Sessions Closes and Brings Finality to CCPA Amendments for Now

DHHS Issues Proposed Rule Amending 42 CFR Part 2

Delta Airlines Sues Vendor for Data Breach

February 27, 2019, CCPA Webinar Q&As: Private Claims Under the CCPA

New York Data-Privacy Proposal More Stringent than California’s CCPA

CCPA Watch: Proposed Sweeping Overhaul Withdrawn, Three Amendments Providing Key Clarifications Remain Pending

Utah Sets Limits on Law Enforcement’s Ability to Gather Individuals’ Electronically Transmitted Data

Arbitration Clauses & BIPA: The Broader the Better

February 27, 2019 CCPA Webinar Q&As: Third-Parties & Due Diligence

Is the Illinois Legislature Rethinking BIPA?

Company

Support

New to the Network

Blog Authors

Latest from The Firewall