California Attorney General Xavier Becerra said last week that “knowledge is power, and in today’s world knowledge is derived from data. When it comes to your own data, you should be in control…” These words came in an Advisory highlighting California consumers’ rights under the California Consumer Privacy Act (CCPA). The Advisory outlined several areas … Continue Reading
After much anticipation and trepidation, the California Consumer Privacy Act (CCPA) went into effect on January 1, 2020. Many companies are understandably still grappling with the details of the law, the amendments, and the proposed regulations and how to comply with them. If you have not determined whether the CCPA applies to your company, and … Continue Reading
Last week, Veritas Genetics, a consumer-facing DNA testing company, suffered a security breach affecting customer information in its database. Veritas offers whole-genome sequencing to consumers for $599. The security incident affected its customer portal, which Veritas said does not contain genetic data, DNA test results or health records. How did that information remain protected from … Continue Reading
More than a year ago, in April 2018, police announced that they had used a new investigative technique to arrest a man known as the Golden State Killer. For the first time, the police submitted DNA from a crime scene into a consumer DNA database, where the information in that database about distant relatives helped … Continue Reading
Would you hand over your smartphone, including your call history, text messages, photos, GPS locations, and browser history to your employer? To your significant other? How about to a random stranger? I’m guessing your answer is an overwhelming “No” to each of these questions. Stalkerware and stalking apps do just that. Both are spyware that … Continue Reading
Last week was a busy week for the California Consumer Privacy Act (CCPA), as Attorney General Xavier Becerra released draft regulations on October 10 and Governor Newsom signed several pending CCPA amendments into law on October 11. The CCPA amendments clarified several important issues, including: employee information and business-to-business (B2B) communications are exempt from the … Continue Reading
While we’ve discussed the California Consumer Privacy Act (CCPA) at length, Nevada was busy amending its internet privacy law and in the process beat California’s deadline for the effective date by three months. Nevada’s SB 220 is effective as of October 1, 2019. This law prevents covered operators from selling individual’s personal information and allows … Continue Reading
Bloomberg Law reported this week that California Attorney General Xavier Becerra expects to issue draft regulations for the California Consumer Privacy Act (CCPA) in October. Bloomberg reported that AG Becerra told reporters the regulations would be published next month. Businesses and consumers will then be able to submit public comments to the regulations. Bloomberg also reported … Continue Reading
The California legislature passed six amendments to the California Consumer Privacy Act (CCPA) that are on their way to Governor Gavin Newsom’s desk. The Governor has until October 13, 2019, to act on the amendments. With the end of the legislative session on September 13, this means that should the Governor sign all the amendments, … Continue Reading
The National Institute of Standards and Technology (NIST) recently released its draft Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (Privacy Framework). What is the NIST Privacy Framework? First, let’s begin with what is NIST? NIST was founded in 1901 and is now part of the U.S. Department of Commerce. According to … Continue Reading
As readers of this blog know, data breaches in the health care industry are all too common. Healthcare organizations are an attractive target for hackers because of the nature and amount of personal information that they possess. Therefore, it is perhaps not surprising that healthcare organizations have the highest costs associated with data breaches. They … Continue Reading
Based on an unprecedented number of college closures, along with complex demographic challenges showing continued reductions in the number of college-aged students, states are struggling to determine how to best protect both students and college employees. Currently, most states have been reactive, and have only taken action after a college has announced its intention to … Continue Reading
As of today, the only NFL team operating on game day without cash is the Atlanta Falcons at Mercedes-Benz stadium. However, there is an emerging trend of cashless sporting events and the Super Bowl may be added to that list next year. Additionally, the Tottenham Hotspur stadium in London, which will host NFL games, opened … Continue Reading
On June 3, 2019, the U.S. Department of Health and Human Services Office of Inspector General (OIG) issued a fraud alert to notify consumers about genetic testing fraud schemes (the Alert). According to the OIG, fraudulent actors are using the provision of free genetic testing kits to obtain Medicare information from unwitting consumers, and then … Continue Reading
WhatsApp, the popular instant messaging app announced a hack and the exposure of a security flaw this week. The flaw injected malware onto users’ phones, potentially exposing their otherwise encrypted data and messages. WhatsApp allows users to instant message and make phone calls throughout the world. The app features described on its website include simple, … Continue Reading
A few weeks ago, I pondered whether the California Consumer Privacy Act of 2018 (CCPA) is still a bit of a work in progress with the introduction of a proposed amendment. Recently, another amendment was proposed by Assembly Member Edwin Chau in the form of Assembly Bill 25. Assembly Bill 25 would exclude employees and … Continue Reading
We write about data breaches and privacy issues all the time. We are desensitized in some ways to the fact that our privacy may have been, or will be, compromised and, quite frankly, many people now distrust some of the very companies with which they shared their information. California led the way regarding privacy legislation … Continue Reading
This was a busy week for activity and discussions on the federal level regarding existing privacy laws – namely the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). But the real question is, could a federal privacy law actually happen in 2019? Cybersecurity issues and the possibility of a … Continue Reading
This week we continue our series of articles on the California Consumer Privacy Act of 2018 (CCPA). One of the biggest challenges for all of us who are analyzing this law is that even before its 2020 effective date, it’s still a work in progress. This week, legislation was introduced by California State Senator Hannah-Beth … Continue Reading
The 2016 U.S. Presidential election demonstrated the importance of digital campaigning. President Trump’s campaign was vastly outspent by Hillary Clinton’s campaign, and placed little emphasis on traditional ground-game tactics. Instead, Trump focused his campaign on digital strategies to target “persuadable voters” via social media. The outcome of the election demonstrated the efficacy of this strategy; … Continue Reading
During WWII, Morse Code was an indispensable asset that allowed the allies to transmit sensitive information over long distances with great accuracy. However, it contained an obvious, and potentially fatal, flaw — it provided no built in mechanism for identifying the sender of the messages. In order to combat this, U.S. intelligence officers implemented a … Continue Reading
The deservedly well-publicized arrest of the Golden State Killer last fall was a coup for law enforcement, and a marvelous use of modern technology. Sequencing the DNA profile of material left by the killer at a crime scene 40 years ago, then scouring publicly available databases for a genetic match, and ultimately making the arrest … Continue Reading
In response to concerns raised by employers and to protect worker privacy, the Occupational Health & Safety Administration (OSHA) recently amended its recordkeeping regulations to eliminate the requirement that larger employers submit certain information electronically. The final rule rescinds the mandate that establishments with 250 or more employees had to electronically submit information from OSHA Form … Continue Reading
This week we continue our series of articles on the California Consumer Privacy Act of 2018 (CCPA). We’ve been discussing the broad nature of this privacy law and answering some general questions, such as what is it? Who does it apply to? What protections are included for consumers? How does it affect businesses? What rights … Continue Reading
