Legislation

Draft CCPA Regulations Expected Fall 2019

Posted on February 8, 2019

Posted in Enforcement, Online Privacy, U.S. State Law

As we previously reported, the California Consumer Privacy Act of 2018 delays the California Attorney General’s enforcement of the CCPA until six months after publication of the Attorney General’s implementing regulations, or July 1, 2020, whichever comes first. The California Department of Justice anticipates publishing a Notice of Proposed Regulatory Action concerning the CCPA in Fall 2019.…
Continue Reading

Massachusetts Amends Data Breach Law; Imposes Additional Requirements

Posted on January 14, 2019

Posted in Information Security, Security Breach, U.S. State Law

On January 10, 2019, Massachusetts Governor Charlie Baker signed legislation amending the state’s data breach law, and the amendments take effect on April 11, 2019. This blog entry provides highlights on the Act. …
Continue Reading

California DOJ to Hold Series of Public Forums on CCPA

Posted on January 4, 2019

Posted in Enforcement, Events, Online Privacy, U.S. State Law

The California Department of Justice will host six public forums on the California Consumer Privacy Act of 2018 to provide the general public an opportunity to participate in the CCPA rulemaking process. …
Continue Reading

Serbia Enacts New Data Protection Law

Posted on November 28, 2018

Posted in Information Security, International, Security Breach

On November 9, 2018, Serbia’s National Assembly enacted a new data protection law. The Personal Data Protection Law, which becomes effective on August 21, 2019, is modeled after the EU General Data Protection Regulation. …
Continue Reading

Draft Bill Imposes Steep Penalties, Expands FTC’s Authority to Regulate Privacy

Posted on November 2, 2018

Posted in Cybersecurity, Enforcement, Information Security, U.S. Federal Law

On November 1, 2018, Senator Ron Wyden released a draft bill, the Consumer Data Protection Act, that seeks to “empower consumers to control their personal information.” The draft bill imposes heavy penalties on organizations and their executives, and for certain thresholds would require senior company executives to file annual data reports with the Federal Trade Commission. …
Continue Reading

California Enacts Blockchain Legislation

Posted on October 11, 2018

Posted in Financial Privacy, Information Security, U.S. State Law

As reported on the Blockchain Legal Resource, California Governor Jerry Brown recently signed into law Assembly Bill No. 2658 for the purpose of further studying blockchain’s application to Californians. In doing so, California joins a growing list of states officially exploring distributed ledger technology.…
Continue Reading

APEC Cross-Border Privacy Rules Enshrined in U.S.-Mexico-Canada Trade Agreement

Posted on October 3, 2018

Posted in Cybersecurity, U.S. Federal Law

On September 30, 2018, the U.S., Mexico and Canada announced a new trade agreement aimed at replacing the North American Free Trade Agreement. Notably, the USMCA’s chapter on digital trade recognizes “the economic and social benefits of protecting the personal information of users of digital trade” and will require the U.S., Canada and Mexico to each “adopt or maintain a legal framework that provides for the protection of the personal information of the users.” In adopting such a framework, the USMCA directs the Parties to consider the principles and guidelines of relevant international bodies, and formally recognizes the APEC Cross-Border Privacy Rules as “a valid mechanism to facilitate cross-border information transfers while protecting personal information.”…
Continue Reading

California Enacts New Requirements for Internet of Things Manufacturers

Posted on October 1, 2018

Posted in Information Security, Online Privacy, U.S. State Law

On September 28, 2018, California Governor Jerry Brown signed into law two identical bills regulating Internet-connected devices sold in California.…
Continue Reading

CIPL Submits Comments on Draft Indian Data Protection Bill

Posted on September 28, 2018

Posted in Centre for Information Policy Leadership, Information Security, International

On September 26, 2018, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP submitted formal comments to the Indian Ministry of Electronics and Information Technology on the draft Indian Data Protection Bill 2018.…
Continue Reading

Senate Commerce Committee Holds Hearing on Examining Consumer Privacy Protections

Posted on September 28, 2018

Posted in Enforcement, Online Privacy, U.S. Federal Law

On September 26, 2018, the US Senate Committee on Commerce, Science, and Transportation convened a hearing on Examining Consumer Privacy Protections with representatives of major technology and communications firms to discuss approaches to protecting consumer privacy, how the United States might craft a federal privacy law and companies’ experiences in implementing the EU General Data Protection Regulation and the California Consumer Privacy Act.…
Continue Reading

Privacy & Information Security Law Blog