Archives: Data Privacy

Subscribe to Data Privacy RSS Feed

CCPA News: Amendments Signed into Law by the Governor and Draft Regulations Released by the Attorney General

Last week was a busy week for the California Consumer Privacy Act (CCPA), as Attorney General Xavier Becerra released draft regulations on October 10 and Governor Newsom signed several pending CCPA amendments into law on October 11. The CCPA amendments clarified several important issues, including: employee information and business-to-business (B2B) communications are exempt from the … Continue Reading

From California to Nevada: Another State Privacy Law That You Need to Know

While we’ve discussed the California Consumer Privacy Act (CCPA) at length, Nevada was busy amending its internet privacy law and in the process beat California’s deadline for the effective date by three months. Nevada’s SB 220 is effective as of October 1, 2019. This law prevents covered operators from selling individual’s personal information and allows … Continue Reading

CCPA Draft Regulations Expected in October

Bloomberg Law reported this week that California Attorney General Xavier Becerra expects to issue draft regulations for the California Consumer Privacy Act (CCPA) in October. Bloomberg reported that AG Becerra told reporters the regulations would be published next month. Businesses and consumers will then be able to submit public comments to the regulations. Bloomberg also reported … Continue Reading

NIST Privacy Framework Draft Released

The National Institute of Standards and Technology (NIST) recently released its draft Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (Privacy Framework). What is the NIST Privacy Framework? First, let’s begin with what is NIST? NIST was founded in 1901 and is now part of the U.S. Department of Commerce. According to … Continue Reading

Health Care Organizations Have Highest Costs for Data Breaches

As readers of this blog know, data breaches in the health care industry are all too common. Healthcare organizations are an attractive target for hackers because of the nature and amount of personal information that they possess. Therefore, it is perhaps not surprising that healthcare organizations have the highest costs associated with data breaches. They … Continue Reading

States Struggle with Regulating Risks Associated with College Closures

Based on an unprecedented number of college closures, along with complex demographic challenges showing continued reductions in the number of college-aged students, states are struggling to determine how to best protect both students and college employees. Currently, most states have been reactive, and have only taken action after a college has announced its intention to … Continue Reading

OIG Issues Alert to Warn of ‘Free’ Genetic Testing Scams Seeking to Steal Information

On June 3, 2019, the U.S. Department of Health and Human Services Office of Inspector General (OIG) issued a fraud alert to notify consumers about genetic testing fraud schemes (the Alert). According to the OIG, fraudulent actors are using the provision of free genetic testing kits to obtain Medicare information from unwitting consumers, and then … Continue Reading

The WhatsApp Hack – Practice Good Phone Hygiene and Update Your Apps

WhatsApp, the popular instant messaging app announced a hack and the exposure of a security flaw this week. The flaw injected malware onto users’ phones, potentially exposing their otherwise encrypted data and messages. WhatsApp allows users to instant message and make phone calls throughout the world. The app features described on its website include simple, … Continue Reading

Another California Consumer Privacy Act of 2018 Amendment—Employees and/or Job Applicants Are Not Consumers

A few weeks ago, I pondered whether the California Consumer Privacy Act of 2018 (CCPA) is still a bit of a work in progress with the introduction of a proposed amendment. Recently, another amendment was proposed by Assembly Member Edwin Chau in the form of Assembly Bill 25. Assembly Bill 25 would exclude employees and … Continue Reading

Federal Privacy Law – Could It Happen in 2019?

This was a busy week for activity and discussions on the federal level regarding existing privacy laws – namely the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). But the real question is, could a federal privacy law actually happen in 2019? Cybersecurity issues and the possibility of a … Continue Reading

Data Mining Shaping The Global Political Climate

The 2016 U.S. Presidential election demonstrated the importance of digital campaigning. President Trump’s campaign was vastly outspent by Hillary Clinton’s campaign, and placed little emphasis on traditional ground-game tactics. Instead, Trump focused his campaign on digital strategies to target “persuadable voters” via social media. The outcome of the election demonstrated the efficacy of this strategy; … Continue Reading

Behavioral Biometrics: Constructing the Digital You

During WWII, Morse Code was an indispensable asset that allowed the allies to transmit sensitive information over long distances with great accuracy. However, it contained an obvious, and potentially fatal, flaw — it provided no built in mechanism for identifying the sender of the messages. In order to combat this, U.S. intelligence officers implemented a … Continue Reading

Privacy Concerns Lead OSHA to Rescind its Electronic Filing Requirement

In response to concerns raised by employers and to protect worker privacy, the Occupational Health & Safety Administration (OSHA) recently amended its recordkeeping regulations to eliminate the requirement that larger employers submit certain information electronically. The final rule rescinds the mandate that establishments with 250 or more employees had to electronically submit information from OSHA Form … Continue Reading

CCPA Part 2 – What Does Your Business Need to Know? Consumer Requests and Notice to Consumers of Personal Information Collected

This week we continue our series of articles on the California Consumer Privacy Act of 2018 (CCPA). We’ve been discussing the broad nature of this privacy law and answering some general questions, such as what is it? Who does it apply to? What protections are included for consumers? How does it affect businesses? What rights … Continue Reading

California AG’s Office Begins CCPA Rulemaking Process with Series of Public Forums

On January 8, 2019, the California Department of Justice hosted the first in a series of six public forums on the California Consumer Protection Act (CCPA). The forums offer the public an opportunity for comment in advance of the drafting of regulations by the state Attorney General’s office. These regulations are seen as being particularly … Continue Reading

Data Privacy and Security in the Cannabis Industry

In November, cannabis won big in the midterm elections–in Michigan, the legalization of recreational cannabis passed, the legalization of medical cannabis passed in Utah and Missouri, and several states elected governors who back legislation for legalization of cannabis. Now, there are 33 states that allow some form of medical marijuana and 10 states (plus D.C.) … Continue Reading

Fourth Circuit Expands Title IX Liability for Harassment Through Anonymous Online Posts

The Fourth Circuit recently held that universities could be liable for Title IX violations if they fail to adequately respond to harassment that occurs through anonymous-messaging apps. The case, Feminist Majority Foundation v. Hurley, concerned messages sent through the now-defunct app Yik Yak to the individual plaintiffs, who were students at the University of Mary … Continue Reading

SSD Hardware and BitLocker Encryption

Security researchers at Radboud University in the Netherlands have discovered a flaw in several manufacturers’ solid state hard drive firmware that can be exploited to read data from self-encrypting drives (SED). The researchers published their findings in a paper on November 5th. The authors identified several methods they were able to use to bypass hardware … Continue Reading
LexBlog