Since the beginning of the year, the SEC has issued several sets of proposed rules governing cybersecurity.  In an upcoming webinar, Ballard Privacy & Data Security partner Phil Yannella will join a panel discussion hosted by SEI Investments concerning the impact of these new rules on registered investment advisors and funds.  You can register

On the latest episode of our podcast, Business Better, our Ballard lawyers discuss emerging trends in privacy litigation. Issues we discuss include companies sharing and selling consumer data, plaintiffs’ liability theories, including the right of publicity, and best business practices to consider in anticipation of privacy claims.

Leading this discussion is Aliza Karetnick, a Partner

On January 28, 2022 the Consumer Protection Section of the Colorado Attorney General’s Office issued guidance regarding data security best practices.  Businesses subject to the Colorado Privacy Act can look to these best practices as a roadmap for the technical and organizational data security safeguards the law requires businesses to implement.

The guidance instructs covered

California continues to be at the vanguard of privacy protection.  On October 11, 2021 California’s Governor Newsom signed several bills addressing privacy and data security. These new laws go into effect January 1, 2022 and include:

  • AB 335, which adds an exemption to the California Consumer Privacy Act (CCPA) consumer personal information sales opt-out

With a little over a year of enforcing the California Consumer Privacy Act (CCPA) under its belt, the Office of the California Attorney General (OAG) recently held a press conference to announce updates on its CCPA enforcement efforts and promote new tools relating to California consumers’ right to opt out of the sale of their personal information.
Continue Reading  California Enforcement Updates and Privacy Tools Highlight Regulatory Scrutiny of Right to Opt Out

On July 9, 2021, New York City’s biometric identifier information law became effective. The law, which was enacted in January 2021, addresses the collection and use of biometric identifier information (BII) by commercial establishments—meaning places of entertainment, retail stores, or food and drink establishments—to track customer activity. It creates a private right of action and subjects violators to statutory damages.

Continue Reading  New York City’s Biometric Identifier Information Law Takes Effect

Phil Yannella, Ballard Spahr litigation partner and Practice Leader of Ballard’s Privacy & Data Security Group, recently authored a treatise on data breach and privacy litigation. The book, Cyber Litigation: Data Brach, Data Privacy & Digital Rights, is published by Thomson Reuters and is available now for purchase.
Continue Reading  Ballard Spahr Partner, Phil Yannella, Authors Book on Data Breach and Privacy Litigation

Ballard Privacy & Data Security partners Phil Yannella, Kim Phan and Greg Szewczyk recently wrote an article on managing compliance with the growing patchwork of state privacy laws for the Media Law Resource Center (MLRC).  The article was made available at last week’s  Legal Frontiers in Digital Media virtual conference sponsored by the MLRC and will appear in an upcoming edition of “Legal Frontiers in Digital Media,” MLRC Bulletin (June 2021).  A copy of the article is available here:
Continue Reading  Managing Compliance with a Patchwork of State Privacy Laws

On April 29, 2021, the Federal Trade Commission (FTC) hosted a virtual workshop, entitled “Bringing Dark Patterns to Light,” to examine “dark patterns.” In her opening remarks, Acting FTC Chairwoman Rebecca Kelly Slaughter broadly described “dark patterns” as “user interface designs that manipulate consumers into taking unintended actions that may not be in their interest.” Chairwoman Slaughter highlighted several examples of dark patterns, including confusing cancellation procedures that force users to navigate multiple screens, online applications that hide the material terms of a product or service through the use of inconspicuous drop down links and auto-scroll features, and the addition of products to users’ shopping carts without their knowledge or consent.
Continue Reading  FTC Workshop Signals Increased Regulatory Focus on Dark Patterns

After a pandemic-related hiatus in 2020, a number of U.S. states have proposed new data privacy laws in 2021 – and several are very close to passage.  Virginia’s proposed data privacy law appears to be the closest and is likely to be signed into law by Governor Northam in the near future.  Washington and Florida’s