Texas: A tale of two Acts on the road to Consumer Privacy law.

Back in March of this year, not one, but two consumer privacy bills were filed in the Texas House of Representatives. Republican Rep. Giovanni Capriglione filed House Bill 4390 a.k.a. Texas Privacy Protection Act, while Democrat Rep. Trey Martinez Fischer filed HB 4518 a.k.a. the Texas Consumer Privacy Act.

Unsurprisingly, both bills are modeled on California’s Consumer Privacy Act (CCPA). But that’s where the similarity ends, as there are a number of differences between the two bills.

In this article we examine what Texas started out with ….and what it ended up with.

Read More
FTC Gets Tough on Data Security: 5 vital take-aways

The Federal Trade Commission’s (FTC) advice on Data Security says; having a sound security plan in place to collect only what [data] you need, keep it safe, and dispose of it securely can help you meet your legal obligations to protect sensitive data.

So, what happens when this sage advice is not taken?

Well, it seems the FTC is taking a much tougher stance on compliance obligations of consent orders it enters into with businesses to settle enforcement actions relating to data breaches.

Read More
California: Privacy Notices under the CCPA spotlight

Transparency is one of the most fundamental aspects of the California Consumer Privacy Act (CCPA). The new regulation introduces vital new consumer rights, as well as strict obligations for businesses to disclose their data gathering operations.

Once the CCPA comes into force in January 2020, there will be increased scrutiny of privacy notices - with a particular focus on the details of a business’s data collection and processing practices.

Read More
MARKETING: Gaining and retaining consumer trust in a privacy-centric world?

As the debate about a federal privacy law versus state-level laws reaches fever pitch, and consumers become increasingly concerned about their privacy, we look at the impact of data privacy on marketers, as they look to protect and grow brands, while complying with strict privacy policies.

However, the smart marketing companies are not just exploring preemptive ways of avoiding trouble, they are also looking to create a genuinely pleasing and trusted experience for their target customers.

So, how can compliance and technology help marketers to gain a competitive edge, while building (and retaining) consumer trust?

Read More
GDPR EXPLAINED: The 6 Legal grounds for Processing Personal Data LAWFULLY

For many businesses, compliance with the General Data Protection Regulation (GDPR) has proven to be a bigger challenge than first anticipated, with much of the confusion caused by the complexities of the 99 articles and 173 recitals that make up the 261-page document.

This article, although not definitive, provides some clarity for companies seeking to establish appropriate legal grounds for the processing of personal data.

Read More
Colorado: 40 data breaches since new consumer privacy law …and counting.

Cybersecurity breaches that expose the personal information of consumers have become a common occurrence. And Colorado’s consumer data protection laws are there to provide comfort that should this happen to residents’ own personal data, the affected company must notify them within 30 days.

The state law came into effect in September 2018. But just five months later, in February 2019, 33 organizations had already reported data breaches, with notifications sent to more than 91,000 Colorado residents.

In this post, we take a look at how the Colorado Consumer Data Protection Law is shaping up - and the impact it is having on both consumers and businesses.

Read More
Evolution of the CCPA and how the latest amendments could impact marketers

If you think the California Consumer Privacy Act is in a state of perpetual mutation, you are not alone. The latest round of amendments are now meandering through the California State Assembly, and if passed, will either provide some welcome clarification, …or make the CCPA even more baffling.

Several bills are awaiting a Senate vote, having already made it through the California Assembly Appropriations Committee, while others are still languishing in the line-up for committee approval.

In this post we take a brief look at the 8 primary CCPA amendments currently on the docket:

Read More
U.S. Justice Department targets perpetrators of “worst data breach in history”

How is it, that some data breaches are swiftly exposed, and perpetrators duly punished, while others can take years of investigations, costing American taxpayers millions of dollars, as stretched legal resources are deployed in bringing cyber-criminals to justice?

In 2015, a highly sophisticated group of hackers committed what was considered one of the worst data breaches in history, involving the theft of personal data belonging to almost 80 million people.

Having identified the alleged suspects, a federal grand jury is now looking to bring the perpetrators to justice, as this intriguing account of international cybercrime unfolds

Read More
Federal privacy law: Hearings continue as CCPA and GDPR discussed

Once again, data privacy was hot on the agenda this week, as the Senate Committee on Banking, Housing, and Urban Affairs met on Tuesday for the first of two privacy-related hearings scheduled this week.

As Congress continues to move at a snail’s pace towards the creation of a federal consumer privacy law, critics complain that, yet again, old ground is being covered, judging by the testimonies offered by some senators.

Read More
Ireland’s GDPR regulator assists Congress with federal privacy law

Last week we posted on how Congress is being advised by various industry experts, as lawmakers’ wrestle with the task of codifying a federal consumer privacy law. However, as we reported, there are concerns that some external “advice” could potentially come from industry-funded lobbyists, whose job is to influence in favor of the big tech players.

Whether you support the introduction of a federal privacy law or prefer to see state-level consumer privacy legislation, you might find it comforting to know that at least one advisor to Capitol Hill has no such ulterior motives for providing assistance.

Read More
California: CCPA - Not about employees?

Following our recent post concerning numerous claims that the California Consumer Privacy Act (CCPA) is “vague” and “confusing”, we find there is yet another aspect of the new law, which appears to be in need of some clarification.

Up until recently, many organizations that are preparing for CCPA compliance, have held the belief that personal information about employees is subject to the new privacy regulation.

However, the CCPA may not apply to employers’ HR data at all.

Read More
Many businesses still clueless concerning CCPA

New research has shone a spotlight on the desperate need to create greater awareness of the looming California Consumer Privacy Act (CCPA).

The resulting report has exposed a worrying gap in the understanding and implications of the impending data privacy law, which will affect any company that provides products and/or services to consumers and businesses located in the state of California, regardless of where that company is located.

If your business serves customers in the state of California, this article and report provides crucial reading. 

Read More
New York: Data privacy survey launched

New York State Governor Andrew M. Cuomo has announced the launch of a data privacy consumer survey that aims to improving the privacy regulations of the online marketplace.

The New York State Division of Consumer Protection launched the survey to give residents of New York an opportunity to voice their opinions and comments on privacy issues.

Read More
FTC holds 2-day hearing on federal consumer legislation

Last week, the Federal Trade Commission (FTC) held its twelfth Hearing on Competition and Consumer Protection. The theme of the two-day hearing focused on the FTC’s approach to consumer privacy.

In this post we highlight some of the main points discussed during the hearing, what was agreed and disagreed, and consider whether new privacy laws such as the CCPA and the GDPR have any part to play in the formulation of new federal privacy legislation.

Read More
Marketing sector coalition pushes for new data privacy law

A new coalition group called Privacy for America, has been set up by four U.S. advertising trade groups are calling for strong, nationwide data protection for all American citizens.

The group is lobbying Congress to ensure federal online privacy legislation is not as strict as the California Consumer Privacy Act (CCPA), which is due to come into effect in January 2020.

The group is seeking to create a new criterion for data privacy and responsible data use. It wants a national law that favors the interests of the consumer and makes peoples' personal information less vulnerable to breach and misuse, as well as clearly defined prohibited data practices.

Read More
CCPA: Businesses want to be compliant. They just need to know how.

The importance of safeguarding consumers’ personal information is universally acknowledged. However, some critics of the California Consumer Privacy Act (CCPA) suggest that the Act merely serves to threaten businesses with potentially crippling fines and reputational damage. There are also concerns of a potential negative impact on consumers, who could benefit from tech innovation such as new ways to use data to offer personalized services and product recommendations - not to mention the use of free services in return for the collection and processing of their personal data.

Read More
States impose new cybersecurity regulations on insurance sector

Insurance companies across the U.S. are being pushed into reviewing their data security protocols, following a series of high-profile breaches and cyberattacks in the last few years.

States are enacting cybersecurity legislation specific to the insurance industry, led by South Carolina, Ohio and Michigan, which have already passed data security laws for insurers over the past 12 months.

The governor of Mississippi approved new measures on April 3. Connecticut and New Hampshire also have bills moving forward in their legislatures.

Read More
Biometric Information Privacy Act: Lawsuits on the horizon?

Slowly but surely, tech companies are diversifying by moving into new and emerging markets, including the financial services. And, if legal departments are not involved at the get-go this could easily create some regulatory headaches. Could a new EU copyright law be the harbinger of a wave of lawsuits?

In January, the Supreme Court of Illinois held that a violation of the state’s Biometric Information Privacy Act (BIPA), is sufficient to confer standing - even without concrete evidence of harm.

Read More
SMBs fret about the cost of data privacy compliance

Will new U.S. data privacy laws prove to be too costly for small businesses?

Owners of small and medium sized businesses are deeply apprehensive about the true cost of compliance with new data privacy regulations, according to a recent survey.

Concerns range from a lack of budget to implement operational changes, and the impact on business growth, to the inability of start-ups to take off due to regulatory burdens.

If you are one of the 30 million+ businesses with fewer than 500 employees, that make a massive contribution to the U.S. economy, this article is for you.

Read More