Uncategorized
-
Understanding California Assembly Bill 322 on Geolocation Data
California Assembly Bill 322 is currently under consideration by the Senate Appropriations Committee. It seeks to amend the California Privacy Protection Act (CCPA) and aims to provide additional regulations and obligations. Specifically, it seeks to further regulate the the collection and processing of precise geolocation information. Precise geolocation is defined under CCPA as location data…
-
New California Law Enhances Data Broker Disclosure Obligations
Under existing law, California Data Brokers must register with the California Privacy Protection Agency (“Agency”) and pay a registration fee in an amount determined by the Agency. Data Brokers are also required to provide specific information, including the name of the data broker and its primary physical, email, and internet website addresses. Data Brokers must…
-
Happy Data Privacy Week! Celebrate this year’s theme.
Today we kick off 2025’s Data Privacy Week, which focuses attention on data governance practices, education, and action items to bolster data privacy and data protection for businesses and individuals, alike. As part of the designation, the National Cybersecurity Alliance has announced that this year’s Data Privacy Week theme is Take Control of Your Data. An…
-
Digital Twins — Article on Reuters
Avoiding growing pains in the development and use of digital twins | Reuters Thank you to Reuters for asking me to write about digital twins and the privacy, security, and ethical implications inherent in this technology. Please click on the link above to view the full article.
-
No Ads for You!
So, sometimes I do write on other blogs. 🙂 Below is a link to an article on Bradley’s Online and OnPoint blog that delves into why forcing customers to pay for “no ad” versions of platforms could become a liability. Will these new findings change the way free online platforms operate? Can Privacy Be Bought?…
-
SEC Guidance: Providing Clarity on Private Sharing of Cybersecurity Incident Information
In July 2023, the SEC mandated public companies to annually disclose material cybersecurity incidents and risk management details to protect investors. The new rules aim for consistent disclosure and timely reporting within four business days, but caused confusion about how these disclosures may prohibit or limit the ability to discuss additional details as part of…
-
Shining a Light on Dark Patterns
I have always been fascinated with psychology. It was my major in college and one of my favorite reading topics ever since. So, what does psychology have to do with privacy? As it turns out, quite a lot. In particular, design patterns in digital platforms often leverage psychology to encourage individuals to interact with the…
-
Attorney General Proposes to Roll Back Entity Level Exemptions under Connecticut Data Privacy Act
In a report from February of this year, the Connecticut Attorney General identified several proposed legislative changes to the Connecticut Data Privacy Act that would strengthen or clarify protections afforded to residents of the State. Specifically, the report states: The CTDPA contains a myriad of exemptions carving out entities from its requirements. Several states have…
-
Privacy Question of the day
True or False: The Children’s Online Privacy Protection Act applies to data collected on children (under 13) who reside outside of the United States (i.e. in the EU). Vote Here! (Spoiler!!) The answer and explanation are described below. The answer may be surprising! The FTC’s frequently asked questions about COPPA address this issue under section…
Focused On Privacy 