Privacy
Following in the footsteps of the last few years, 2022 is shaping up to be a landmark year for privacy and data security. Here is a quick privacy forecast to help you identify where to focus, and what to expect, in the coming year.
Read MoreOn October 6, 2021, California’s governor signed the Genetic Information Privacy Act (the “Act”), adding the state to the growing number enacting laws requiring direct-to-consumer genetic testing companies to protect the privacy and security of their customers’ genetic data.
Read MoreOn March 2, 2021, Virginia Governor Ralph Northam signed the Virginia Consumer Data Protection Act (VCDPA) into law. The VCDPA, which takes effect January 1, 2023, will look familiar to those who work with the GDPR and California’s Consumer Privacy Act and Privacy Rights Act (CCPA and CPRA, respectively). Companies that have already invested in GDPR and CCPA/CPRA compliance will find that most VCDPA obligations are similar to what they have already addressed in some form for Europe and California. But the new Virginia law also contains some novel provisions, such as excluding a broad range of “publicly available information” from the definition of personal data, contractual requirements for sharing de-identified data, and establishing an appeals process for data rights requests.
Read MoreBy Mike Hintze
On November 3, California voters passed Proposition 24, the California Privacy Rights Act (CPRA). This new privacy law, which substantially amends the California Consumer Privacy Act (CCPA), will come into effect on January 1, 2023, and enforcement will begin July 1, 2023. CPRA is, at best, a mixed bag. The fact that it was opposed by a wide range of critics, from privacy advocates, to academics, to industry coalitions is telling. It is long, complex, and poorly drafted. While it clarifies some aspects of CCPA, it adds new ambiguous provisions that will cause more confusion and uncertainty. It changes (mostly expanding) the consumer rights in CCPA, and it imposes a wide range of new compliance obligations on companies.
Read MoreA chapter by Hintze Law partner Mike Hintze, entitled "Privacy Statements: Purposes, Requirements, and Best Practices" will be included in the forthcoming Cambridge Handbook of Consumer Privacy, edited by Jules Polonetsky, Evan Selinger & Omer Tene, Cambridge University Press (2017).
Read MoreBy Carolyn Krol
On Thursday, October 13, 2016, the Federal Trade Commission (“FTC”) held an afternoon workshop exploring drones as part of its series of fall technology events.
Read MoreIf you are a startup or just a privacy or security officer with a lean budget, please check out our list of publicly available privacy and security resources. We update this from time to time for presentations we give to companies just starting to build their privacy and security programs and always welcome input on any "free" resources you find helpful.
Read MoreOn February 23, 2015, the Seattle City Council unanimously approved a resolution approving its first ever set of comprehensive privacy principles. The principles are also the first of its kind to be adopted by a major U.S. city.
Read More