Robinson+Cole's Data Privacy + Cybersecurity Team

An apparent email snafu has led to the filing of a putative class action against the Phoenix Children’s Hospital. The allegations stem from an email that was allegedly sent out to 368 people that outlined the protocols for employees with approved COVID-19 vaccine exemptions. The email set forth the protocols related to accommodations for such

The Facebook company now known as Meta announced this week that it is shutting down the Face Recognition system on Facebook.  Meta stated that this is part of a company-wide move to limit the use of facial recognition technology in its products. What does this mean? If you have a Facebook page and you previously

The state of Virginia recently enacted a law banning local law enforcement and campus police departments from using facial recognition technology. Facial recognition technology is defined as an “electronic system for enrolling, capturing, extracting, comparing, and matching an individual’s geometric facial data to identify individuals in photos, videos, or real time.” The law states that

Two more state governors, those of Maine and North Dakota, have signed bills into law that adopt the National Association of Insurance Commissioners (NAIC) data security model law (Model Law). Maine and North Dakota join several other states that have already passed similar laws. Hawaii, Idaho, Illinois, Iowa, Minnesota, Rhode Island, and Wisconsin have similar

The California State Controller’s Office (SCO) was recently a victim of phishing. According to its website, an employee of the SCO’s Unclaimed Property Division clicked on a link in an email, entered their user ID and password, and unknowingly provided a hacker with access to the email account. According to the website, “SCO has

California Attorney General Xavier Becerra announced this week that the Office of Administrative Law approved additional California Consumer Privacy Act (CCPA) regulations, which became effective March 15, 2021.

The additional changes to the regulations primarily affect businesses that sell the personal information of California residents. The changes include a uniform Opt-Out Icon for the

Bloomberg reported this week that the first comprehensive federal privacy bill of the year was introduced by Representative Suzan DelBene (D-Washington). The bill is known as the Information Transparency and Personal Data Control Act. The key concept of the bill is to protect sensitive personal information, which includes data relating to financial, health, genetic,

Virginia Governor Ralph Northam signed the Consumer Data Protection Act (CDPA) on Tuesday, March 2, 2021. Virginia now joins California as the second state to have a data privacy law. The law takes effect on January 1, 2023, so businesses have some time to get ready. In our previous article on the proposed legislation, we

This week, Consumer Reports published a Model State Privacy Act. The Consumer advocacy organization proposed model legislation “to ensure that companies are required to honor consumers’ privacy.” The model legislation is similar to the California Consumer Privacy Act, but seeks to protect consumer privacy rights “by default.”  Some additional provisions of the model law

The state of Virginia might be the next state to enact a privacy law. Senate Bill No. 1392 recently passed the Senate and is likely on its way to Governor Ralph Northam’s desk.  The bill adds the Consumer Data Protection Act to the Virginia Code and includes definitions of biometric data, precise geolocation data, profiling,