Tag

USA

Browsing

In the United States, a significant legislative trend is on the horizon for insurers in 2020: a new breed of state privacy and cybersecurity laws. In the absence of federal intervention, a growing number of state legislatures are enacting laws and regulations modeling California’s Consumer Privacy Act for all businesses, and, in parallel, prescribing privacy and cybersecurity requirements directed at insurers. To help insurers stay ahead of the curve, we summarize below several cybersecurity measures…

On February 7, 2020, the California Attorney General released its revised draft implementing regulations for the California Consumer Privacy Act. The revised regulations are not yet final. The California AG will accept written comments regarding the updated regulations until 5:00 pm (PST) on Tuesday, February 25, 2020. The following is a high-level overview of the key new requirements under the updated regulations that are important for businesses to consider in connection with their CCPA compliance…

Along with changes brought by the CCPA, companies should be aware of other important privacy developments that went into effect in early 2020.  Notable changes to data breach notification laws in California, Illinois, Oregon, and Texas promise to have a significant impact on businesses experiencing security incidents and signal a movement towards stricter and more demanding requirements in this space.    California Amends Definition of Personal Information for Breach Notification         The definition of personal information…

In this episode of Connect On Tech, your host Brian Hengesbaugh is joined by Teresa Michaud, a partner in Baker McKenzie’s Los Angeles office. Together they will discuss the possible private litigation that may arise as a result of the California Consumer Privacy Act (CCPA). Tune in to learn: What clients are calling “the scariest aspect” of the CCPAHow class action plaintiffs might bring suit outside of the data breach contextTeresa’s practical tips for how…

With the world’s attention on the California Consumer Privacy Act (CCPA), it’s easy to overlook the privacy storm that is brewing throughout the rest of the country. As of February 10th, eleven other states (in addition to California and Nevada) have either released new or revived old data privacy and protection bills that did not pass during last year’s legislative sessions. Although the status of the majority of these bills is uncertain – as many…

In the flurry of bills relating to the California Consumer Privacy Act (CCPA), the California Legislature also enacted a law requiring data brokers to register, following a similar (but not identical) law in Vermont (see, https://iapp.org/news/a/analysis-vermonts-data-broker-regulation/) and attention by Congress, the FTC and advocates to data brokers in prior years (https://iapp.org/news/a/ftc-calls-for-legislative-action-to-regulate-data-brokers/). California lawmakers placed the broker law right before CCPA in the California Civil Code and clarified in Cal. Civ. Code §1798.99.88 that “Nothing ……

For many companies, January 1, 2020 became synonymous with the operative date of the California Consumer Privacy Act. However, manufacturers of Internet-connected devices must also keep in mind legislation that was signed into law on September 28, 2018 and became operative on January 1, 2020. This new law (2018 Cal. Legis. Serv. Ch. 886 (S.B. 327) (to be codified at Cal. Civ. Code § 1798.91.04(a)) (“IoT Law”) makes California the first state to specifically regulate…

Regulation of artificial intelligence (AI) is the topic du jour, considered by many to be one of the most important issues today. Many governments worldwide have responded by issuing national plans, guidelines, and ethics codes that highlight the essential principles for developing ethical AI, such as the European Union’s Ethics Guidelines for Trustworthy AI (April 2019) and OECD’s Council Recommendation on Artificial Intelligence (May 2019). Although the United States was initially less legislatively active than…

What does this mean for covered businesses? Two important privacy law developments took place last week in California. On 10 October 2019, the California Attorney General (AG) published its proposed regulations under the California Consumer Privacy Act (CCPA), and on 11 October 2019, Governor Gavin Newsom signed several bills that were passed in mid-September amending the CCPA (click here for a summary of those amendments). In this alert, we summarize some of the key requirements…

The requirements of the California Consumer Privacy Act enter into force 1 January 2020, and impose an array of requirements on companies that are subject to the law. Among them are obligations related to the sharing of “personal information” [Section 1798.140(o)] that obligate businesses to push down contractual limitations on service providers and other recipients of personal information and to offer California “consumers” [Section 1798.140(g)] the right to opt out of disclosures that qualify as…