Photo of Carmen Hinebaugh

Email
(202) 342-8639
Bio

On Friday, California Attorney General Xavier Becerra released proposed modifications to the formerly-released draft regulations implementing the California Consumer Privacy Act (CCPA). The modifications reflect the Attorney General’s response to public comments issued in response to the draft regulations and arguably represent a rollback of key provisions previously proposed.

The modifications impose a number of

As we mark Data Privacy Day, today is a good time to take stock of where U.S. privacy legislation stands in relation to the developments of the past few years.  In less than two years, the GDPR and the CCPA became the most comprehensive privacy laws in effect, granting individuals extensive rights over their information,

On the latest episode of the Ad Law Access Podcast, associates Carmen Hinebaugh and Lauren Myers make their podcast debut with a discussion on materiality and clear and conspicuous disclosures.

For additional information see our new Advertising and Privacy Law Resource Center (https://www.kelleydrye.com/Advertising-and-Privacy-Law-Resource-Center), an online hub for advertising, privacy, and consumer protection

On Tuesday, September 24, 2019, the European Court of Justice issued two rulings that further defined the right to be forgotten under European laws. The right to be forgotten, also known as the right to erasure, is a fundamental tenet of the General Data Protection Regulation (GDPR). The right allows, among other things, consumers to

Make a product that could break? On July 16, 2019, the FTC hosted a workshop to examine repair restrictions on consumer goods and the “Right to Repair” bills proposed in a number of states. Panelists included representatives from trade associations, the repair and technology industries, and state senators. The Nixing the Fix workshop discussed some

The Federal Trade Commission (FTC) announced this week that it is seeking comments on proposed amendments to the Privacy Rule and Safeguards Rule under the Gramm-Leach-Bliley Act (GLBA).  These two rules outline obligations for financial institutions to protect the privacy and security of customer data in their control.  While the proposed changes to the Privacy

On January 14, Plaintiffs in the consolidated case of Veera v. Banana Republic, LLC, et al., filed for approval of a preliminary class action settlement after Plaintiffs Veera and Etman successfully argued that “frustration” and “embarrassment” over unclear discounts is sufficient to meet the requirements for injury.

According to separate lawsuits filed against Banana Republic

On January 10, 2019, Massachusetts Governor Charlie Baker signed into law the Massachusetts’s Data Breach Notification Act, which amends Massachusetts data breach reporting laws. The new law, available here, amends the timing and content of individual and regulator data breach notifications, and provides for credit monitoring services when social security numbers may have been

43 State Attorneys General and the District of Columbia announced yesterday a settlement with Neiman Marcus Group LLC resolving the states’ investigation into the company’s 2013 data breach and its security practices. Over a three-month period in 2013, a breach of the Dallas-based retailer exposed customer credit card data at 77 Neiman Marcus stores nationwide.

California Attorney General Xavier Becerra announced yesterday that the California Department of Justice will hold a series of six public forums on the California Consumer Privacy Act (CCPA).  The hearings will take place during January and February of this year and will give the public an initial opportunity to comment on the requirements set forth