Sir Francis Bacon is often credited with the phrase, “Knowledge is power.” It is commonly believed that people are better able to make informed decisions when they have all the information necessary to evaluate their options. US lawmakers are starting to believe the same applies to privacy and Continue Reading
CCPA Update: California Public Forums and Other Proposed State/Federal Legislation
The Bottom Line Taken together, these legislative developments are indicative of the increasingly complicated and potentially confusing data privacy regime that lies ahead. What remains clear is that businesses that process personal information need to remain diligent about privacy and data Continue Reading
Happy New Year, Data Brokers! Now, Register with Vermont
The Bottom Line Vermont’s law governing data brokers takes effect in a few days.If you think you are a data broker who falls within the law, now is the time to take all steps necessary to comply. With only days to go before Vermont’s data broker regulation law takes effect, the Vermont Continue Reading
New Law Creates Data Breach Safe Harbor for Companies With Written Security Programs
The Bottom Line While there are more laws that require companies to implement reasonable security practices, the Act is the first U.S. law that provides this type of safe harbor to companies that do so. Therefore, every company should implement a comprehensive written information security program, Continue Reading
States Update Data Breach Notification Laws Amidst GDPR Commotion
The Bottom Line It is clear that local and state lawmakers are making data privacy protection requirements a legislative priority. As lawmakers continue to amend or enact new data protection and data breach notification laws, it will be crucial that all affected organizations ensure their policies Continue Reading
U.S. Ad Tech Companies Collecting EU Data Must Prepare for the GDPR
The Bottom Line With fines that can reach up to €20 million or 4% of worldwide annual revenue, the cost of non-compliance under the GDPR could be much more significant than it has been under the prior data privacy framework in the EU. With a little more than one month before the GDPR becomes Continue Reading
South Dakota Becomes 49th State to pass Data Breach Notification Law
The Bottom Line A patchwork of state, federal and international rules impose data breach notification obligations on companies.Every company subject to these rules must have a data breach response plan in place that complies with each state's requirements. Once it becomes law, a bill passed Continue Reading
FTC Announces First COPPA Action Involving Connected Toys
The Bottom Line As the first COPPA case involving connected toys, the FTC's settlement with VTech should be a reminder to all companies that they must fully comply with COPPA and must take reasonable steps to protect sensitive data, particularly any data collected from children. In addition, Continue Reading