On February 22, 2019, California state senator Hannah Beth-Jackson introduced a bill (SB-561) that would amend the California Consumer Privacy Act of 2018 to expand the Act’s private right of action and remove the 30-day cure period requirement for enforcement actions brought by the State Attorney General.
Continue Reading

Recently, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP submitted formal comments to the U.S. Department of Commerce’s National Telecommunications and Information Administration in response to its request for public comments on developing the administration’s approach to consumer privacy.
Continue Reading

Effective November 2, 2018, a new Ohio breach law will provide covered entities a legal safe harbor in certain data breach-related claims brought in an Ohio court or under Ohio law if, at the time of the breach, the entity maintains and complies with a cybersecurity program that (1) contains administrative, technical, and physical safeguards for the protection of personal information, and (2) reasonably conforms to one of the “industry-recognized” cybersecurity frameworks enumerated in the law.
Continue Reading