Privacy and Information Security

Effective January 1, 2020, New Hampshire’s new Insurance Data Security Law will impose certain information security requirements on entities that (1) are licensed under the state’s insurance laws and (2) handle “nonpublic information.” “Nonpublic information” is defined as information that is not publicly available and falls into one of the two following categories:

  1. Information that

Amendments to the California Consumer Privacy Act (CCPA) continued to advance on Monday, as the California legislature returned from its summer recess.  With just five weeks to go until the September 13th deadline for the legislature to pass bills, and fewer than five months until the CCPA is set to take effect, the Senate Appropriations

Even in her extensive dissent, FTC Commissioner Rebecca Slaughter labeled the Order “exceptional.”

And it is.  The terms of the Federal Trade Commission’s (FTC) $5 billion, twenty-year settlement Order reached with Facebook on Wednesday is the agency’s most prescriptive privacy and data security agreement ever.  The Order comes just three days shy of the seventh

The FTC announced today that it is seeking comments on a variety of issues related to the Children’s Online Privacy Protection (COPPA) Rule. Although only six years have passed since the FTC’s 2013 COPPA Rule update, the FTC is initiating an early review in response to new technologies and applicability to certain business sectors, including

New York’s efforts to pass the New York Privacy Act failed when the bill did not appear in the most recent legislative session. The bill, said to be “tougher,” “bolder,” and more “sweeping” than other privacy legislation, initially gained a number of Senate co-sponsors when Sen. Kevin Thomas introduced it, but no Assembly members signed

Seven amendments to the California Consumer Privacy Act (CCPA) are one step closer to becoming law after the California Senate Committee on the Judiciary voted to advance the legislation earlier this month.

The bills now head to the Committee on Appropriations for a vote next month, followed by a vote of the full Senate.  The

California legislators are tweaking language in a proposal to exclude employee or job applicant data from the State’s landmark privacy law slated to take effect in January.

The California Consumer Privacy Act (CCPA) grants consumers the right to access, delete, or opt out of the sale of their personal information collected by a covered business. 

A new bill introduced in the Senate Health, Education, Labor, and Pensions (HELP) Committee would impose federal regulatory obligations on health technology businesses that collect sensitive health information from their service users and customers.

The Protecting Personal Health Data Act, S.1842, introduced by Senators Amy Klobuchar (D-Minn.) and Lisa Murkowski (R-Alaska), seeks to close

On a new episode of the Ad Law Access PodcastAlex Schneider discusses the recently approved (four) bills to amend the California Consumer Privacy Act (CCPA) and the Nevada and Maine Legislatures legislation that, like the CCPA, features new requirements relating to the sale of consumer personal data.

For additional information see the Ad

Last week, the New York Attorney General’s Office announced that Bombas had agreed to pay $65,000 and implement a number of injunctive provisions to settle allegations that the sock startup failed to comply with the state’s data breach notification statute. According to the press release, Bombas learned in November 2014, that an unauthorized intruder