The absence of comprehensive federal legislation on data breach notification has led to the development of a patchwork of state laws to ensure that individuals receive timely notification of data breaches that might impact their personal data.
Read more »Latest Blog Posts
-
The United States of Data Breach Notification Posted on: April 10, 2018 In: Data Privacy & Cybersecurity
-
Oregon Amends Data Breach Notification Law Posted on: April 09, 2018 In: Data Privacy & CybersecurityIn March 2018, Oregon Governor Kate Brown signed into law new measures to strengthen the state’s existing data breach notification statute, ORS § 646A.604. The legislation is set to take effect in June 2018 and, among other things, will require organizations that experience a data breach affecting Oregon residents to notify affected individuals of the data breach within 45 days of its discovery, unless asked to delay notification by law enforcement.
Read more »
-
Virginia Imposes New Breach Notification Requirements on Tax Preparers Posted on: March 16, 2018 In: Data Privacy & CybersecurityOn Friday, March 9, 2018, Virginia Governor Ralph Northam signed H.B. 183, which imposes data breach notification requirements on certain tax preparers. The bill, introduced by Delegate Hala S. Ayala, had unanimous support in both the Virginia House and Senate.
Read more »
-
The End (of Net Neutrality) May Be Just the Beginning Posted on: March 07, 2018 In: Data Privacy & CybersecurityIn 2015 the Federal Communications Commission (FCC) issued its Open Internet Order, which reclassified landline and mobile broadband internet from an information service under Title I of the Communications Act of 1934 to a telecommunication service under Title II. This reclassification, commonly referred to as “net neutrality,” made internet service providers (ISPs) subject to most of the same regulations and oversight that govern other utilities, such as electricity and telephone services.
Read more »
-
Supreme Court Won’t Reconsider Standing Principles from Spokeo Posted on: February 05, 2018 In: Data Privacy & CybersecurityOn January 22, 2018, the United States Supreme Court denied a petition for writ of certiorari that requested review of the court’s May 2016 ruling in Spokeo, Inc. v. Robins. The 2016 Spokeo ruling concerned the types of injuries that are sufficient to confer standing to sue under Article III of the U.S. Constitution.
Read more »
-
The Meltdown and Spectre Bug Posted on: January 24, 2018 In: Data Privacy & Cybersecurity2018 kicked off with security researchers finding two serious security flaws in chips used in personal computers and mobile devices. The two flaws or bugs, named “Meltdown” (computers) and “Spectre” (mobile devices), make data stored in individual devices vulnerable to attack by allowing hackers to access and steal passwords, encryption keys, or other sensitive information from the device’s memory.
Read more »
-
GDPR, Part VI: What Are the Roles of U.S. Regulators? Posted on: December 21, 2017 In: Data Privacy & CybersecurityWhen the General Data Protection Regulation (GDPR) goes into effect on May 25, 2018, the European Union (EU) will mark a sea change in how its member states will seek to protect and regulate the collection and use of EU citizens’ data. But as we have noted in our seven-part series analyzing the impact of Europe’s new data regulation and the hurdles that businesses will have to clear in order to comply with its provisions, the effects of the GDPR will not stop at the EU water’s edge.
Read more »
-
GDPR, Part V: Understanding the Fines and Penalties Provisions Posted on: November 28, 2017 In: Data Privacy & CybersecurityNon-compliance with the forthcoming General Data Protection Regulation (GDPR) can mean significant fines and administrative penalties for non-compliant data controllers and processors. The GDPR will go into effect on May 25, 2018, when the former Data Protection Directive 95/46/EC is repealed. While the former directive was binding on all EU member states, it left to the national authorities of each state the choice of “forms or methods” to achieve compliance with its intended results.
Read more »
-
GDPR, Part IV: The Data Subject Consent Provisions Posted on: November 21, 2017 In: Data Privacy & CybersecurityWith the forthcoming General Data Protection Regulation (GDPR) set to change the cybersecurity landscape of data collection and storage in the European Union (EU), one of the most important areas that organizations processing or storing EU citizens' data will need to ensure they are complying with is the GDPR's consent guidelines.
Read more »
-
Proposed Cybersecurity Legislation Casts A Wide Net For U.S. Ports Posted on: November 20, 2017 In: Data Privacy & CybersecurityOn November 7, 2017, Sens. Kamala Harris, D-Calif., and Dan Sullivan, R-Ark., introduced a bipartisan bill designed to strengthen cybersecurity measures in U.S. ports. The bill, S. 2083, is entitled “Strengthening Cybersecurity Information Sharing and Coordination in Our Ports Act of 2017.” The bill comes in the wake of a ransomware attack in California that disabled the largest terminal in the Port of Los Angeles.
Read more »
-
GDPR, Part III: The Data Protection Officer Requirement Posted on: November 13, 2017 In: Data Privacy & CybersecurityThis seven-part series analyzes the ways in which the forthcoming General Data Protection Regulation (GDPR), effective May 25, 2018, will impact the regulatory landscape for entities doing business with or transacting in the data of European Union citizens. The first part of this series provided an overview of the history of pre-GDPR European data protection law. The second installment focused on the GDPR’s breach notification requirements.
Read more »
-
GDPR, Part II: Personal Data Breach Notification Requirements Posted on: November 01, 2017 In: Data Privacy & CybersecurityThis seven-part series analyzes the ways in which the General Data Protection Regulation (GDPR), which goes into effect May 25, 2018, will impact the regulatory landscape for entities doing business with, or transacting in the data of European Union citizens. The first part of the series provides an overview of the history of pre-GDPR European data protection law. Future installments will each address a discrete aspect of the GDPR itself.
Read more »
Blog Search
Featured Posts
- February 10, 2023 Historic Hermès Jury Verdict Paves Way for Digital Trademark Rights
- January 13, 2023 Sports Law: A Year in Review & What to Watch for in 2023
- January 06, 2023 Federal Trade Commission Cracks Down on Non-Compete Agreements
- December 06, 2022 Just In Time: Last Minute Compliance Tips for the CPRA and VCDPA
Blog Categories
Blog Tags
9th circuit
ada
america invents act
breach notification
california
ccpa
college
college athletes
college sports
colorado
compensation
compliance
congress
consumer data
consumer notification
copyright
coronavirus
covid-19
cpra
cybersecurity
cyber threat
data breach
data privacy
data security
disability
discrimination
dol
eeoc
employee handbook
employers
employment
employment agreements
employment law
equal pay
european union
executive order
family leave
fbi
fcra
federal circuit
florida
flsa
fmla
gdpr
hacking
healthcare
hipaa
hiring
human resources
identity theft
illinois
incident response
independent contractors
infringement
intellectual property
inter partes review
irs
labor law
legislative alert
litigation
malware
massachusetts
medical leave
minimum wage
multi-factor identification
ncaa
new jersey
new york
nil
nlrb
non-competition
osha
overtime
paga
paid leave
patent law
patents
payroll
personal data
personal information
phishing
privacy law
ptab
ransomware
reasonable accommodation
sexual harassment
sports
sports law
statute
student-athletes
student athletes
supreme court
title ix
title vii
trademark
trade secrets
virginia
wage and hour
washington
workplace safety