As we head toward 2020, expect significant public debate relating to smartphone applications designed to increase turnout and participation in upcoming elections. The Democratic Party has dipped its toe in the water, announcing in July plans to allow telephone voting in lieu of appearing for neighborhood caucus meetings in the key early primary states of
Benjamin Jensen is partner in the firm's Business Litigation Group, where he is a member of the Intellectual Property Litigation and Data Privacy and Security Practice Teams. His practice involves representing clients in complex business litigation matters in state and federal courts, with a focus on matters involving intellectual property, data security, and contract disputes. Benjamin's practice also includes representing health care providers and corporate clients in regulatory matters before the Connecticut departments of Health, Social Services, and Banking. Read his rc.com bio here.
On January 8, 2019, the California Department of Justice hosted the first in a series of six public forums on the California Consumer Protection Act (CCPA). The forums offer the public an opportunity for comment in advance of the drafting of regulations by the state Attorney General’s office. These regulations are seen as being particularly significant given the rushed legislative process resulting in a perceived lack of clarity in several key provisions of the CCPA.
Continue Reading California AG’s Office Begins CCPA Rulemaking Process with Series of Public Forums
The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures. This month, the United Kingdom’s Information Commissioner’s Office (ICO) issued new guidance focused on two specific measures the ICO recommends that companies consider in complying with the GDPR security requirements: encryption and passwords.
Continue Reading UK Information Commissioner’s Office Issues Guidance on Use of Encryption and Passwords in Connection with GDPR
Last month, the French data protection authority (the CNIL) issued initial guidance addressing issues that applications utilizing blockchain technology should consider in order to comply with the European General Data Protection Regulation (GDPR).
As recognized by the CNIL, there are certain natural conflicts between GDPR and blockchain technology. A critical feature of the blockchain is its immutability – the fact that once information is entered into the public ledger regarding a transaction, that information cannot be changed or removed from the ledger. The benefits of providing a transparent and permanent public ledger will have to be reconciled with the data subject rights granted by GDPR, including the right to be forgotten and principles of data minimization. Blockchain applications also raise thorny questions about whether participants in the network are acting as data controllers or processors, subject to the GDPR’s requirements. Additionally, how can a worldwide network of computers involved in data processing activities comply with GDPR requirements related to cross-border data transfers outside of the EU?
Continue Reading French Data Protection Authority Issues Guidance on Interaction of Blockchain Technology with GDPR
As part of its Virtual Markets Integrity Initiative, on September 18, 2018, the New York Attorney General’s Office issued a report reviewing the platforms of various cryptocurrency exchanges. The initiative arose from the recognition that online virtual currency exchanges perform functions markedly similar to traditional stock exchanges and broker-dealers, but are generally not registered under state or federal securities or commodities laws and often have not implemented standards designed to protect investors.
Continue Reading New York AG Warns Investors of Risks of Trading on Cryptocurrency Exchanges
On September 4, 2018, the third stage of compliance deadlines under the New York Department of Financial Services’ (DFS) expansive cybersecurity regulation went into effect. This deadline, scheduled for implementation 18 months after the regulation (23 NYCRR 500) initially went into effect in March 2017 triggers Covered Entities’ obligations under the regulation to:
- Maintain systems
Proponents of blockchain technology, the distributed ledger system underlying bitcoin and other cryptocurrencies, view the technology’s applications as potentially offering significant efficiencies to the provision of government services. Two pilot projects currently underway are geared toward exploring the technology’s potential in two key areas of services provided by state and local governments: real property recording…
As previously detailed, the California Consumer Privacy Act of 2018 was hastily passed by the California legislature as a compromise designed to avoid a more far-reaching ballot initiative. Recognizing the need to clarify various drafting errors, the drafters are currently working on Senate Bill 1121, intended to clarify certain provisions of the Act and to…
Add Connecticut, Ohio and Vermont to the list of states passing legislation focused on the potential disruptive impact of blockchain – the technology underlying cryptocurrencies such as Bitcoin. As federal regulators continue to monitor and offer guidance in the cryptocurrency space, with particular focus on Initial Coin Offerings (ICOs), state legislatures around the country are…
On June 28, 2018, the California State Legislature passed, and Governor Jerry Brown signed, the California Consumer Privacy Act of 2018, bringing to the United States many of the rights and compliance obligations currently being applied by the European Union through its General Data Protection Regulation (GDPR). Effective January 1, 2020, the Act gives California…