Last week, California Governor Gavin Newsom signed into law two amendments to the California Consumer Privacy Act (CCPA) that would impact various CCPA exemptions. One amendment, A.B. 1281 would extend two exemptions that were set to expire later this year: the employee exemption and the business (B2B) exemption. Both of these exemptions will now remain

On September 22nd, the Federal Trade Commission (FTC) hosted an event, “Data To Go: An FTC Workshop on Data Portability,” to examine the potential benefits and challenges to consumers and competition raised by data portability. Data portability means giving consumers the ability to receive a copy of their data for their own use

On August 14, 2020, the California Office of Administrative Law (“OAL”) approved in part and withdrew in part the Regulations regarding the California Consumer Privacy Act (“CCPA”).  While most of the changes are non-substantive, the OAL withdrew certain provisions of the Regulations and resubmitted them to the Attorney General’s Office for further review.  Approved sections

On July 13, 2020, the Federal Trade Commission (FTC) held a workshop titled “Information Security and Financial Institutions: FTC Workshop to Examine Safeguards Rule.” This workshop discussed the proposed amendments to the Gramm-Leach-Bliley Act’s (GLBA) Safeguards Rule, which requires financial institutions to develop, implement, and maintain a comprehensive information security program. The GLBA Safeguards Rule

On July 16, 2020, the European Court of Justice (Court) ruled in the “Schrems II” case that the one of the most commonly used cross border data transfer mechanisms between the European Union (EU) and the United States (US), the EU-US Privacy Shield Framework (Privacy Shield), has been invalidated. The Court reasoned that when transferring

On April 30th, U.S. Senators from across multiple committees joined together to announce legislation that would protect consumer privacy rights in the wake of the COVID-19 pandemic. Sen. Roger Wicker (R-MS), Chair of the Senate Committee on Commerce, Science, and Transportation; Sen. John Thune (R-SD), Chair of the Subcommittee on Communications, Technology, Innovation,

Businesses subject to the California Consumer Privacy Act (“CCPA”) that have begun exploring the possibility of collecting data from visitors to their facilities to track potential coronavirus exposure and to allow/deny entry must take into consideration the fact that, by doing so, they would almost certainly be collecting data that would constitute personal information under

On Friday, February 7, 2020, the California Attorney General’s (AG) Office released modified regulations to the California Consumer Privacy Act (CCPA).  The modified regulations incorporate amendments to the CCPA signed into law after the AG’s Office promulgated regulations in October 2019. The modified regulations also reflect public comments made during the initial comment period, which

Andrew Smith, Director of the FTC’s Bureau of Consumer Protection, recently announced the following three major improvements that have been made to FTC orders in data security cases:

  1. Specificity: To counter past criticisms that FTC orders to implement comprehensive information security programs were too vague, FTC orders will now require specific security safeguards that address

On November 22nd, the CFPB issued a press release announcing that a stipulated final judgment and order (Order) were filed in the U.S. District Court for the Southern District of New York against Sterling Infosystems, Inc. (Sterling) to resolve allegations that the employment background screening company violated the Fair Credit Reporting Act (FCRA).
Continue Reading  CFPB settles enforcement action against employment background screening company for alleged FCRA violations