Showing Posts In "Data Protection and Privacy" Category

Strategies for Developing a Multistate Privacy Compliance Program

Although slightly different, state privacy laws share key principles, making it easier for privacy professionals to develop a framework for building a program designed to adapt to the changing privacy landscape. New comprehensive state privacy laws are creating compliance obligations for entities that have traditionally fallen outside the purview of privacy regulation. Such laws include […]

Privacy and Security Basics – Dos and Don’ts

As states continue to implement privacy laws, businesses should do what they can to address their data privacy and security practices. They should update privacy policies, address dark patterns, train employees on privacy and security, address data retention, and explore cyber security insurance. What they shouldn’t do is ignore employee privacy or vendor relationships.

Read […]

The Basics, Usage, and Privacy Concerns of Biometric Data

Data privacy regulation in the United States is sector-specific and determined by state and local governments. Most states already have laws aimed at data breaches and as of July, some now have comprehensive data privacy laws modeled somewhat on the European Union’s General Data Privacy Regulation (GDPR). Some, like Illinois, also have specific laws to […]

Are You Ready for 2023? New Privacy Laws to Take Effect Next Year

Organizations should review privacy practices and prepare for compliance with five new state omnibus privacy laws. Those five laws that address the processing of personal data include 1. The California Privacy Rights Act (CPRA), effective January 1, 2023, 2. The Virginia Consumer Data Protection Act (CDPA), effective January 1, 2023, 3. The Colorado Privacy Act […]

Proposed Federal Data Protection Law Amended and Advanced for A Full Chamber Vote in The House

While progress has been made in finalizing the text – language around state law preemption and the creation of a small business exception – passage remains unlikely as key Democrats continue to withhold support and mid-term elections are right around the corner. The House Committee on Energy & Commerce recently voted 53-2 to advance an […]

Preparing For US State Privacy Law Compliance: The Six-Month Mark

With six months before the first of the new US state, general privacy laws go into effect, there are several steps companies can take now to begin to prepare. Unfortunately, there are some parts of compliance that will be impacted by regulations that have either not been drafted, or if drafted, remain unfinalized. What can […]

US Government Committee Gather Evidence on Biometric Privacy-Enhancing Technologies

A hearing was held on “Privacy in the Age of Biometrics” at which biometric privacy-enhancing technologies (BPET) were introduced as possibly playing a major role in protecting the sensitive information of Americans. More research and investment into the technologies, as well as carefully crafted policies to accompany them, are needed.

Read more

Some World Leaders Take the Hint and Start Building Bulwarks Against Deepfake Danger

Signatories to an update to a 2018 voluntary practice code for combatting disinformation to a co-regulation scheme include the European Union, Google, Twitter, Facebook, Mozilla, and advertising firms. Each will “adopt, reinforce and implement clear policies regarding impermissible manipulative behaviors and practices on their services, based on the latest evidence on conducts and tactics, techniques […]

What Your Business Should Know About Utah’s Consumer Privacy Act

Effective December 31, 2023, the Utah Consumer Privacy Act (UCPA) applies to businesses involved in data processing that conduct business in Utah or produce a product or service that is targeted to Utah residents if the business has an annual revenue of $25 million or more in the preceding year. Businesses should review existing privacy […]

Draft Released of the Bipartisan American Data Privacy and Protection Act

Lawmakers have released draft bipartisan comprehensive privacy legislation – the “American Data Privacy and Protection Act.” The Act borrows a number of concepts from previously introduced legislative proposals but also includes a few novel approaches. While the bill recognizes several exceptions to its requirements, it prohibits covered entities from collecting, processing, or transferring covered data […]