technology
-
Understanding California Assembly Bill 322 on Geolocation Data
California Assembly Bill 322 is currently under consideration by the Senate Appropriations Committee. It seeks to amend the California Privacy Protection Act (CCPA) and aims to provide additional regulations and obligations. Specifically, it seeks to further regulate the the collection and processing of precise geolocation information. Precise geolocation is defined under CCPA as location data…
-
Happy Data Privacy Week! Celebrate this year’s theme.
Today we kick off 2025’s Data Privacy Week, which focuses attention on data governance practices, education, and action items to bolster data privacy and data protection for businesses and individuals, alike. As part of the designation, the National Cybersecurity Alliance has announced that this year’s Data Privacy Week theme is Take Control of Your Data. An…
-
California Usurps Federal Privacy Action (Again)
Most Americans expect the federal government to be involved in international agreements on individual rights affecting U.S. citizens. California has partnered with France on data privacy protections, following the cancellation of a federal privacy rights act discussion. This collaboration signals a shift towards more cohesive global privacy regulations and may influence California’s privacy legislation approach.
-
SEC Guidance: Providing Clarity on Private Sharing of Cybersecurity Incident Information
In July 2023, the SEC mandated public companies to annually disclose material cybersecurity incidents and risk management details to protect investors. The new rules aim for consistent disclosure and timely reporting within four business days, but caused confusion about how these disclosures may prohibit or limit the ability to discuss additional details as part of…
-
California Privacy Protection Agency Provides Summary of Pending California Privacy Legislation
In advance of the upcoming May 10th meeting, the California Privacy Protection Agency released meeting materials to provide context to several agenda items. In particular, the California Privacy Protection Agency Board voted unanimously to: In addition, the materials provide a snapshot of the California legislative calendar, along with a list of eight pending bills that…
-
FTC Warns that Notice and Choice May Not Be Enough to Protect Privacy
During a recent lecture at Fordham Law School, Samuel Levine, the Director of the Federal Trade Commission Bureau of Consumer Protection warned that when it comes to privacy “notice and choice is a fantasy world.” Mr. Levine did not mince words, further calling notice and choice a regime that “became a way for companies to…
-
Small but Mighty: The Vermont Data Privacy Act and It’s Private Right of Action
According to the 2020 census, Vermont’s population of just under 650,000 residents makes it the second to last in population in the nation and the sixth smallest state by area. Yet, Vermont has introduced a privacy bill that rivals California in scope. This broad scope is also punctuated by two key provisions. First, Vermont’s applicability…
-
Privacy and Cybersecurity: Two Very Different Sides of the Same Coin
Cybersecurity and privacy are often used interchangeably within business organizations because they both refer to how businesses protect personal data. However, there are also several substantial distinctions between the concepts of privacy and cybersecurity. In this post, I explain the differences between privacy and cybersecurity and do a deeper dive into cybersecurity as a legal…
-
The Buzz of Artificial Intelligence
In preparing for a talk on artificial intelligence this week, I was reminded of a basic, but increasingly risky, area for businesses as the buzz of artificial intelligence reaches a fever pitch. Namely–are you marketing an automated tool, product, or service as artificial intelligence? And, if so, have you vetted whether that automated tool, product,…
Focused On Privacy 