The Bottom Line The proposed Regulations include many changes and clarifications to aspects of the CPRA, including, but not limited to: the selling or sharing of consumer personal information to third parties; consumer notice and privacy policy requirements; recognition of opt-out preference Continue Reading
California Privacy Protection Agency Delays Release of CPRA Regulations
The Bottom Line While businesses are eager to implement new compliance steps to meet the requirements of the CPRA and other new privacy laws, full compliance is not possible until regulators provide final rules stipulating how businesses can achieve such compliance. Therefore, businesses will Continue Reading
Happy New Year, Data Brokers! Now, Register with Vermont
The Bottom Line Vermont’s law governing data brokers takes effect in a few days.If you think you are a data broker who falls within the law, now is the time to take all steps necessary to comply. With only days to go before Vermont’s data broker regulation law takes effect, the Vermont Continue Reading
States Update Data Breach Notification Laws Amidst GDPR Commotion
The Bottom Line It is clear that local and state lawmakers are making data privacy protection requirements a legislative priority. As lawmakers continue to amend or enact new data protection and data breach notification laws, it will be crucial that all affected organizations ensure their policies Continue Reading
California Has a New Privacy Law. It Could Have Been Much Worse
The Bottom Line The Act becomes operative on January 1, 2020. In the meantime, the Attorney General will issue more detailed regulations.Nevertheless, companies doing business in California that collect consumers’ personal information — online or otherwise — should begin considering how to comply Continue Reading
South Dakota Becomes 49th State to pass Data Breach Notification Law
The Bottom Line A patchwork of state, federal and international rules impose data breach notification obligations on companies.Every company subject to these rules must have a data breach response plan in place that complies with each state's requirements. Once it becomes law, a bill passed Continue Reading