Biometric Data

Thailand’s Personal Data Protection Act Enters into Force

Posted on June 1, 2022

Posted in Information Security, International, Security Breach

On June 1, 2022, Thailand’s Personal Data Protection Act entered into force after three years of delays.
Continue Reading Thailand’s Personal Data Protection Act Enters into Force

California Assembly Proposes Data Privacy Law for Workers

Posted on May 26, 2022

Posted in Health Privacy, Information Security, Workplace Privacy

Assembly Bill 1651, or the Workplace Technology Accountability Act, a new bill proposed by California Assembly Member Ash Kalra, would regulate employers and their vendors regarding the use of employee data.
Continue Reading California Assembly Proposes Data Privacy Law for Workers

Texas AG Sues Meta Over Collection and Use of Biometric Data

Posted on February 15, 2022

Posted in Information Security, Online Privacy, U.S. State Law

On February 14, 2022, Texas Attorney General Ken Paxton brought suit against Meta over the company’s collection and use of biometric data. The suit alleges that Meta collected and used Texans’ facial geometry data in violation of the Texas Capture or Use of Biometric Identifier Act and the Texas Deceptive Trade Practices Act. …
Continue Reading Texas AG Sues Meta Over Collection and Use of Biometric Data

Facebook to End Use of Its Facial Recognition System

Posted on November 8, 2021

Posted in Online Privacy

On November 2, 2021, Facebook parent Meta Platforms Inc. announced that it will shut down its “Face Recognition” system in coming weeks as part of a company-wide move to limit the use of facial recognition in its products. …
Continue Reading Facebook to End Use of Its Facial Recognition System

UPDATE: New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Are Now in Effect

Posted on October 1, 2021

Posted in Cybersecurity, Information Security, Security Breach, U.S. State Law

On October 1, 2021, Connecticut’s two new data security laws went into effect. The new laws modify Connecticut’s existing breach notification requirements and establish a safe harbor for businesses that create and maintain a written cybersecurity program.
Continue Reading UPDATE: New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Are Now in Effect

Illinois Biometric Law Limitation Period Clarified by Illinois Court

Posted on September 24, 2021

Posted in U.S. State Law

On September 17, 2021, in Tims v. Black Horse Carriers Inc., Ill. App. Ct., 1st Dist., No. 1-20-563, the Illinois Appellate Court, in a case of first impression at the appellate level, addressed the statute of limitations under the state’s Biometric Information Privacy Act, holding that a five-year period applies to BIPA claims that allege the failure to (1) provide notice of the collection of biometric data, (2) take care in storing or transmitting biometric data, or (3) develop a publicly-available retention and destruction schedule for biometric data.
Continue Reading Illinois Biometric Law Limitation Period Clarified by Illinois Court

FTC Authorizes New Compulsory Process Resolutions in Eight Key Enforcement Areas

Posted on September 22, 2021

Posted in Children’s Privacy, Enforcement, U.S. Federal Law

On September 14, 2021, the Federal Trade Commission authorized new compulsory process resolutions in the eight key enforcement areas: (1) Acts or Practices Affecting United States Armed Forces Members and Veterans; (2) Acts of Practices Affecting Children; (3) Bias in Algorithms and Biometrics; (4) Deceptive and Manipulative Conduct on the Internet; (5) Repair Restrictions; (6) Abuse of Intellectual Property; (7) Common Directors and Officers and Common Ownership and (8) Monopolization Offenses. …
Continue Reading FTC Authorizes New Compulsory Process Resolutions in Eight Key Enforcement Areas

UPDATE: Baltimore Bans Private-Sector Use of Facial Recognition Technology

Posted on September 7, 2021

Posted in Information Security, U.S. State Law

On September 8, 2021, Baltimore’s local ordinance regulating private entities’ use of facial recognition technology becomes effective.
Continue Reading UPDATE: Baltimore Bans Private-Sector Use of Facial Recognition Technology

South Korean Privacy Regulator Fines Netflix and Facebook

Posted on September 1, 2021

Posted in Enforcement, Information Security, International

On September 1, 2021, the South Korean Personal Information Protection Commission (“PIPC”) issued fines against Netflix and Facebook for violations of the Korean Personal Information Protection Act (“PIPA”).
…
Continue Reading South Korean Privacy Regulator Fines Netflix and Facebook

China Passes Personal Information Protection Law

Posted on August 20, 2021

Posted in Cybersecurity, International, Marketing, Online Privacy

On August 20, 2021, China passed the Personal Information Protection Law (the “PIPL”). The PIPL will become effective on November 1, 2021.
Continue Reading China Passes Personal Information Protection Law

Menu

Privacy & Information Security Law Blog