Focused On Privacy

privacy

  • Attorney General Proposes to Roll Back Entity Level Exemptions under Connecticut Data Privacy Act

    Attorney General Proposes to Roll Back Entity Level Exemptions under Connecticut Data Privacy Act

    In a report from February of this year, the Connecticut Attorney General identified several proposed legislative changes to the Connecticut Data Privacy Act that would strengthen or clarify protections afforded to residents of the State. Specifically, the report states: The CTDPA contains a myriad of exemptions carving out entities from its requirements. Several states have…

  • FTC Warns that Notice and Choice May Not Be Enough to Protect Privacy

    FTC Warns that Notice and Choice May Not Be Enough to Protect Privacy

    During a recent lecture at Fordham Law School, Samuel Levine, the Director of the Federal Trade Commission Bureau of Consumer Protection warned that when it comes to privacy “notice and choice is a fantasy world.” Mr. Levine did not mince words, further calling notice and choice a regime that “became a way for companies to…

  • Small but Mighty: The Vermont Data Privacy Act and It’s Private Right of Action

    Small but Mighty: The Vermont Data Privacy Act and It’s Private Right of Action

    According to the 2020 census, Vermont’s population of just under 650,000 residents makes it the second to last in population in the nation and the sixth smallest state by area. Yet, Vermont has introduced a privacy bill that rivals California in scope. This broad scope is also punctuated by two key provisions. First, Vermont’s applicability…

  • Privacy and Cybersecurity: Two Very Different Sides of the Same Coin

    Privacy and Cybersecurity: Two Very Different Sides of the Same Coin

    Cybersecurity and privacy are often used interchangeably within business organizations because they both refer to how businesses protect personal data. However, there are also several substantial distinctions between the concepts of privacy and cybersecurity. In this post, I explain the differences between privacy and cybersecurity and do a deeper dive into cybersecurity as a legal…

  • Practical Privacy: Where do I start?

    Practical Privacy: Where do I start?

    I often hear from clients that they are concerned about privacy issues, but that they don’t know where to start. This common conundrum is partially a result of the myriad of different sector specific privacy laws, overlapping state and federal privacy obligations, and constantly changing case law. One of the best places to start is…

  • California’s Privacy agency signals Priority: Data Minimization

    California’s Privacy agency signals Priority: Data Minimization

    The California Privacy Protection Agency (CPPA) issued its first advisory last week reminding businesses that data minimization is a foundational principle under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act . The advisory made clear that businesses should analyze and consider what data is necessary to achieve the purpose…