On March 6 and 15, 2023, both chambers of the Iowa Legislature unanimously voted to approve Senate File 262, which could make Iowa the sixth U.S. state to enact comprehensive privacy legislation.
Continue Reading Iowa House and Senate Unanimously Vote to Approve Comprehensive Privacy Legislation
Connecticut
IAB Releases for Public Comment Proposed Contractual Framework and U.S. State Signals Specifications for Compliance with Five States’ Privacy Laws
On October 13, 2022, the Interactive Advertising Bureau released for public comment an updated version of its contractual framework and new U.S. State Signals specifications to help the digital advertising industry comply with the comprehensive state privacy laws of California, Virginia, Colorado, Utah and Connecticut.
Continue Reading IAB Releases for Public Comment Proposed Contractual Framework and U.S. State Signals Specifications for Compliance with Five States’ Privacy Laws
Connecticut Enacts Consumer Privacy Law
On May 10, 2022, Connecticut Governor Ned Lamont signed An Act Concerning Personal Data Privacy and Online Monitoring, after the law was previously passed by the Connecticut General Assembly in April. Connecticut is now the fifth state to enact a consumer privacy law.
Continue Reading Connecticut Enacts Consumer Privacy Law
UPDATE: New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Are Now in Effect
On October 1, 2021, Connecticut’s two new data security laws went into effect. The new laws modify Connecticut’s existing breach notification requirements and establish a safe harbor for businesses that create and maintain a written cybersecurity program.
Continue Reading UPDATE: New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Are Now in Effect
New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021
Connecticut recently passed two cybersecurity laws that will become effective on October 1, 2021. The newly passed laws modify Connecticut’s existing breach notification requirements and establish a safe harbor for businesses that create and maintain a written cybersecurity program that complies with applicable state or federal law or industry-recognized security frameworks.
Continue Reading New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021
Connecticut Requires 24 Months of Credit Monitoring for Certain Security Breaches
Effective October 1, 2018, Connecticut law requires organizations that experience a security breach affecting Connecticut residents’ Social Security numbers to provide 24 months of credit monitoring to affected individuals. Previously, Connecticut law required entities to provide 12 months of credit monitoring for breaches affecting SSNs.
Continue Reading Connecticut Requires 24 Months of Credit Monitoring for Certain Security Breaches
Senate Commerce Committee Members Rumored to be Discussing Online Privacy Bill
On August 29, 2018, Bloomberg Law reported that four Senate Commerce Committee members are said to be discussing a potential online privacy bill. …
Continue Reading Senate Commerce Committee Members Rumored to be Discussing Online Privacy Bill
Target and State Attorneys General Resolve Investigation with Largest Multi-State Breach Settlement to Date
On May 23, 2017, Target reached a settlement with the Attorneys’ General of 47 states and the District of Columbia to resolve the states’ investigation of Target’s 2013 data breach.
Continue Reading Target and State Attorneys General Resolve Investigation with Largest Multi-State Breach Settlement to Date
Adobe Settles Multistate Data Breach Enforcement Action
On November 7, 2016, Adobe Systems Inc. entered into an assurance of voluntary compliance with 15 state Attorneys General to settle allegations that the company lacked proper measures to protect its systems from a 2013 cyber attack that resulted in the theft of the personal information of millions of customers. …
Continue Reading Adobe Settles Multistate Data Breach Enforcement Action
Connecticut Passes New Data Protection Measures into Law
On July 1, 2015, Connecticut’s governor signed into law Public Act No. 15-142, An Act Improving Data Security and Agency Effectiveness, that amends and updates the state’s data breach notification law and imposes certain data security requirements on health insurers and state contractors.
Continue Reading Connecticut Passes New Data Protection Measures into Law