privacy
-
Erin Illman Added to Chambers Global List for Privacy and Data Security
I am thrilled to be recognized in the Chambers Global List for Privacy and Data Security: Cybersecurity, highlighting top lawyers and firms based on extensive research and recommendations.
-
The New Wave of “Shine the Light” Demand Letters under California Law
Although the California Consumer Privacy Act, as amended by the California Privacy Rights Act, (“CCPA”) is the first thing that comes to mind when asked about privacy rights in California, there is another long-standing privacy statute commonly known as the “Shine the Light” (STL) law, codified at California Civil Code § 1798.83 that is seeking…
-
Understanding California Assembly Bill 322 on Geolocation Data
California Assembly Bill 322 is currently under consideration by the Senate Appropriations Committee. It seeks to amend the California Privacy Protection Act (CCPA) and aims to provide additional regulations and obligations. Specifically, it seeks to further regulate the the collection and processing of precise geolocation information. Precise geolocation is defined under CCPA as location data…
-
Happy Data Privacy Week! Celebrate this year’s theme.
Today we kick off 2025’s Data Privacy Week, which focuses attention on data governance practices, education, and action items to bolster data privacy and data protection for businesses and individuals, alike. As part of the designation, the National Cybersecurity Alliance has announced that this year’s Data Privacy Week theme is Take Control of Your Data. An…
-
Effective Privacy Governance: How to “Bucket” State Obligations
As of the date of this post, there are at least nineteen comprehensive state privacy laws that have been passed and signed into law. Seven of those laws are currently in effect with active enforcement by state regulators. By this time next year (July 2025) an additional eight states will be in effect. Below is…
-
California Usurps Federal Privacy Action (Again)
Most Americans expect the federal government to be involved in international agreements on individual rights affecting U.S. citizens. California has partnered with France on data privacy protections, following the cancellation of a federal privacy rights act discussion. This collaboration signals a shift towards more cohesive global privacy regulations and may influence California’s privacy legislation approach.
-
SEC Guidance: Providing Clarity on Private Sharing of Cybersecurity Incident Information
In July 2023, the SEC mandated public companies to annually disclose material cybersecurity incidents and risk management details to protect investors. The new rules aim for consistent disclosure and timely reporting within four business days, but caused confusion about how these disclosures may prohibit or limit the ability to discuss additional details as part of…
-
Happy Birthday: The EU General Data Protection Regulation Turns 6
A friend of mine and I decided to take our moms on a tour of Spain and France for the last few weeks of May. So, it was merely a (fun) coincidence that we were able to toast the anniversary of the EU’s General Data Protection Regulation (GDPR) with a glass of cava in Barcelona…
-
Shining a Light on Dark Patterns
I have always been fascinated with psychology. It was my major in college and one of my favorite reading topics ever since. So, what does psychology have to do with privacy? As it turns out, quite a lot. In particular, design patterns in digital platforms often leverage psychology to encourage individuals to interact with the…
-
California Privacy Protection Agency Provides Summary of Pending California Privacy Legislation
In advance of the upcoming May 10th meeting, the California Privacy Protection Agency released meeting materials to provide context to several agenda items. In particular, the California Privacy Protection Agency Board voted unanimously to: In addition, the materials provide a snapshot of the California legislative calendar, along with a list of eight pending bills that…
Focused On Privacy 