On June 1, 2022, Thailand’s Personal Data Protection Act entered into force after three years of delays.
Continue Reading Thailand’s Personal Data Protection Act Enters into Force
Biometric Data
California Assembly Proposes Data Privacy Law for Workers
Assembly Bill 1651, or the Workplace Technology Accountability Act, a new bill proposed by California Assembly Member Ash Kalra, would regulate employers and their vendors regarding the use of employee data.
Continue Reading California Assembly Proposes Data Privacy Law for Workers
Texas AG Sues Meta Over Collection and Use of Biometric Data
On February 14, 2022, Texas Attorney General Ken Paxton brought suit against Meta over the company’s collection and use of biometric data. The suit alleges that Meta collected and used Texans’ facial geometry data in violation of the Texas Capture or Use of Biometric Identifier Act and the Texas Deceptive Trade Practices Act. …
Continue Reading Texas AG Sues Meta Over Collection and Use of Biometric Data
Facebook to End Use of Its Facial Recognition System
On November 2, 2021, Facebook parent Meta Platforms Inc. announced that it will shut down its “Face Recognition” system in coming weeks as part of a company-wide move to limit the use of facial recognition in its products. …
Continue Reading Facebook to End Use of Its Facial Recognition System
UPDATE: New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Are Now in Effect
On October 1, 2021, Connecticut’s two new data security laws went into effect. The new laws modify Connecticut’s existing breach notification requirements and establish a safe harbor for businesses that create and maintain a written cybersecurity program.
Continue Reading UPDATE: New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Are Now in Effect
Illinois Biometric Law Limitation Period Clarified by Illinois Court
On September 17, 2021, in Tims v. Black Horse Carriers Inc., Ill. App. Ct., 1st Dist., No. 1-20-563, the Illinois Appellate Court, in a case of first impression at the appellate level, addressed the statute of limitations under the state’s Biometric Information Privacy Act, holding that a five-year period applies to BIPA claims that allege the failure to (1) provide notice of the collection of biometric data, (2) take care in storing or transmitting biometric data, or (3) develop a publicly-available retention and destruction schedule for biometric data.
Continue Reading Illinois Biometric Law Limitation Period Clarified by Illinois Court
FTC Authorizes New Compulsory Process Resolutions in Eight Key Enforcement Areas
On September 14, 2021, the Federal Trade Commission authorized new compulsory process resolutions in the eight key enforcement areas: (1) Acts or Practices Affecting United States Armed Forces Members and Veterans; (2) Acts of Practices Affecting Children; (3) Bias in Algorithms and Biometrics; (4) Deceptive and Manipulative Conduct on the Internet; (5) Repair Restrictions; (6) Abuse of Intellectual Property; (7) Common Directors and Officers and Common Ownership and (8) Monopolization Offenses. …
Continue Reading FTC Authorizes New Compulsory Process Resolutions in Eight Key Enforcement Areas
UPDATE: Baltimore Bans Private-Sector Use of Facial Recognition Technology
On September 8, 2021, Baltimore’s local ordinance regulating private entities’ use of facial recognition technology becomes effective.
Continue Reading UPDATE: Baltimore Bans Private-Sector Use of Facial Recognition Technology
South Korean Privacy Regulator Fines Netflix and Facebook
On September 1, 2021, the South Korean Personal Information Protection Commission (“PIPC”) issued fines against Netflix and Facebook for violations of the Korean Personal Information Protection Act (“PIPA”).
…
Continue Reading South Korean Privacy Regulator Fines Netflix and Facebook
China Passes Personal Information Protection Law
On August 20, 2021, China passed the Personal Information Protection Law (the “PIPL”). The PIPL will become effective on November 1, 2021.
Continue Reading China Passes Personal Information Protection Law