Tag Archives: Legislation

State Privacy Laws Have the Potential to Haunt Industry

With less than two months until it goes into effect, many practitioners are focused on bringing their programs into compliance with the California Consumer Protection Act (“CCPA”) by January 1, 2020.  But the rapid pace of privacy legal developments could continue next year.  This past year, five states established studies or task forces to study … Continue Reading

California Legislature Passes CCPA Amendments and Privacy Bills

Last week, after months of negotiation and speculation, the California legislature passed bills amending the California Consumer Privacy Act (“CCPA”).  This marked the last round of CCPA amendments before the legislature adjourned for the year—and before the CCPA takes effect on January 1, 2020.  California Governor Gavin Newsom has until October 13 to sign the … Continue Reading

Business Roundtable Proposes Framework for Consumer Privacy Legislation

On September 10, 2019, 51 members of the Business Roundtable sent a letter to congressional leaders advocating principles for a national consumer data privacy law. The Business Roundtable’s Framework for Consumer Privacy Legislation offers a guide for potential federal legislation that would harmonize existing privacy regulations and preempt existing state and local data privacy laws. … Continue Reading

Round-Up of Recent Changes to U.S. State Data Breach Notification Laws

Over the past several months, many states, including Illinois, New York, Texas, and Washington, have passed significant amendments to their state data breach notification laws.  Currently, most state data breach notification laws only require notification of residents (and possibly state regulators or others) following a “breach” of personally identifiable information (“PII”), which is often defined … Continue Reading

New York Passes New Data Security and Breach Notification Requirements

On July 25, New York Governor Andrew Cuomo signed two data security and breach notification bills into law.  The first bill, the “Stop Hacks and Improve Electronic Data Security Act” or “SHIELD Act,” will impose specific data security requirements on businesses that own or license private information of New York residents, in addition to amending … Continue Reading

European Commission Issues Report on the Implementation of the GDPR

On July 24, 2019, the European Commission (“the Commission”) published a report appraising Europe’s progress in implementing the General Data Protection Regulation (“GDPR”) as a central component of its revamped data protection framework.  In its report, the Commission highlights certain achievements resulting from implementation efforts, calls attention to issues that require further action, and describes … Continue Reading

Dark Patterns: What They Are and What You Should Know About Them

You may have heard the phrase “dark patterns” as shorthand for various user interfaces designed to influence users’ decisions. They can range from the perfectly innocent to the unethical, and even illegal. Whatever the form, dark patterns have recently drawn attention from the mainstream press. Dark patterns are coming out from the shadows. And when … Continue Reading

Washington State Lawmakers Reach Deadline Without Passing Privacy Act, But Reach Agreement on Amendments to Breach Notification Law

The Washington Privacy Act stalled this April in the state’s House of Representatives, and will likely not reappear again for discussion until the 2020 legislative session. The bill overwhelmingly passed the Senate, but failed to come to a floor vote in the House of Representatives before the April 17th deadline for state lawmakers to consider … Continue Reading

Republicans, Democrats Offer Different Views on Preemption During Senate Privacy Hearing

At a February 27, 2019 hearing on “Privacy Principles for a Federal Data Privacy Framework in the United States,” Republican and Democratic members of the Senate Commerce, Science, & Transportation Committee offered different perspectives on whether new federal privacy legislation should preempt state privacy laws.… Continue Reading

House Subcommittee Holds Initial Hearing On Potential New Privacy Bill

On February 26, 2019, a key House subcommittee held a hearing to explore the possible contours of new federal privacy legislation.  At the hearing, Rep. Jan Schakowsky (D-IL)—who chairs the Energy & Commerce Committee’s Subcommittee on Consumer Protection and Commerce—said the hearing on “Protecting Consumer Privacy in the Era of Big Data” was only the … Continue Reading

GAO Report Calls for Federal Privacy Law

This month, the Government Accountability Office (“GAO”) released a report recommending that Congress consider enacting a federal internet privacy law in the United States.  The 56-page independent report was requested by the House Energy and Commerce Committee, which has scheduled a hearing on data privacy on February 26, during which it plans to discuss the GAO’s … Continue Reading

Covington to Host Webinar on Connected and Automated Vehicles

One week from today, Covington will host its first webinar in a series on connected and automated vehicles (“CAVs”). The webinar will take place on February 27 from 12 to 1 p.m. Eastern Time. During the webinar, Covington’s regulatory and legislative experts will cover developments in U.S. law and regulations relating to CAVs. Those topics … Continue Reading

Massachusetts Amends Data Breach Notification Law to Require Free Credit Monitoring

The Governor of Massachusetts recently signed House Bill No. 4806 into law, which will amend certain provisions of the state’s data breach notification law.  In addition to changing the information that must be included in notifications to regulators and individuals, the amendments will also require entities to provide eighteen months of free credit monitoring services … Continue Reading

State Data Breach Notification Laws: 2018 in Review

Recent years have seen significant amounts of legislative activity related to state data breach notification laws, and 2018 was no exception.  Not only did South Dakota and Alabama enact new data breach notification laws in 2018, becoming the last of 50 U.S. states to enact such laws, but other states also enacted changes to existing … Continue Reading

Wyden Releases Draft Privacy Bill Increasing FTC Authority, Providing for Civil Fines and Criminal Penalties

Senator Ron Wyden last week released a discussion draft of a federal privacy bill that would amend Section 5 of the Federal Trade Commission Act to expand the FTC’s authority, create significant civil fines, and enforce certain provisions through criminal penalties. The draft Consumer Data Protection Act is among a growing number of proposals for … Continue Reading

Australia Proposes New Encryption Legislation

In August 2018, the Government of Australia unveiled a new proposed bill that would grant the county’s national security and law enforcement agencies additional powers when confronting encrypted communications and devices. The text of the draft Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 (the “Assistance and Access Bill” or the “Bill”) states … Continue Reading

California Legislature Passes Amendments to Expansive Consumer Privacy Law

Less than three months ago, California enacted the California Consumer Privacy Act of 2018 (“CCPA”). Industry and privacy watch groups alike have scrutinized the law. This summer saw fierce negotiations all in the name of improving the CCPA. Last Friday, on August 31, 2018, the California legislature passed SB 1121 to amend the CCPA. The … Continue Reading

California Adopts Expansive Consumer Privacy Law

On June 28, 2018, California enacted the California Consumer Privacy Act of 2018 (“CCPA”), which is aimed at strengthening consumer privacy rights and data security protections.  The CCPA takes effect on January 1, 2020 and is considered the most stringent privacy law in the country. The CCPA applies to for-profit entities that conduct business in … Continue Reading

Senators Klobuchar and Kennedy Introduce Privacy Legislation

On April 24, 2018, Senators Amy Klobuchar (D-MN) and John Kennedy (R-LA) introduced the Social Media Privacy and Consumer Rights Act of 2018.  The bill aims to protect consumers’ online data by increasing the transparency of data collection and tracking practices, and requiring companies to notify consumers of a privacy violation within 72 hours. “Our … Continue Reading

Senate Democrats Propose CONSENT Act

By Alyson Sandler On April 10, Senators Richard Blumenthal (D-CT) and Ed Markey (D-MA) introduced new privacy legislation titled the Customer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) Act.  In a statement published on his website, Senator Markey referred to the legislation as a “privacy bill of rights” and explained that “[t]he avalanche of … Continue Reading
LexBlog