Archives: Websites

Subscribe to Websites RSS Feed

CCPA News: Amendments Signed into Law by the California Governor and Draft Regulations Released by the State’s Attorney General

Last week was a busy week for the California Consumer Privacy Act (CCPA), as Attorney General Xavier Becerra released draft regulations on October 10 and Governor Newsom signed several pending CCPA amendments into law on October 11.  The CCPA amendments clarified several important issues, including: employee information and business-to-business (B2B) communications are exempt from the … Continue Reading

From California to Nevada: Another State Privacy Law That You Need to Know

While we’ve discussed the California Consumer Privacy Act (CCPA) at length, Nevada was busy amending its internet privacy law and in the process beat California’s deadline for the effective date by three months. Nevada’s SB 220 is effective as of October 1, 2019. This law prevents covered operators from selling individual’s personal information and allows … Continue Reading

U.S. Supreme Court Declines to Hear Case on Whether Commercial Websites and Mobile Apps Subject to Title III of the Americans with Disabilities Act (the “ADA”)

The ADA was enacted in 1990 to prohibit discrimination against persons with disabilities. It did not include express rules about access to websites and mobile apps. But that hasn’t stopped a flood of lawsuits against companies based on claims their websites or mobile apps might not be accessible to people with disabilities, such as visual, … Continue Reading

CCPA Draft Regulations Expected in October

Bloomberg Law reported this week that California Attorney General Xavier Becerra expects to issue draft regulations for the California Consumer Privacy Act (CCPA) in October. Bloomberg reported that AG Becerra told reporters the regulations would be published next month. Businesses and consumers will then be able to submit public comments to the regulations. Bloomberg also reported … Continue Reading

$267 Million Judgment Against Debt Collector for TCPA Violations

On September 10, 2019, California federal judge, U.S. District Judge Yvonne Gonzalez Rogers, entered a $267 million judgment against a debt collection agency, Rash Curtis & Associates (Rash Curtis), for its violation of the Telephone Consumer Protection Act (TCPA) for over 534,000 unsolicited robocalls. This judgment comes after a May jury trial in which the … Continue Reading

Keep Privacy Shield Certification on the Radar Screen

After all of the GDPR compliance assessments, implementation and hullaballoo in the last year or so, many companies chose to certify that they are compliant with the EU-U.S. Privacy Shield framework rather than implementing a full-blown GDPR compliance program. To attain Privacy Shield certification, companies must submit an application and certify that when consumer data … Continue Reading

Delta Sues Vendor for Causing Data Breach

In an unusual move, Delta Airlines (Delta) sued one of its vendors last week for the data breach it experienced in 2017. It’s an unusual move for several reasons. First, in our experience when a vendor causes a data breach, there is usually a contractual provision that can be followed that outlines the responsibility of … Continue Reading

CCPA Update

We have been watching all of the activity around the proposed amendments to the California Consumer Privacy Act (CCPA) to see where the law settles to assist with compliance. Not surprisingly, but nonetheless important to know, is the fact that the California Assembly on May 29, 2019, unanimously passed an amendment to CCPA that excludes … Continue Reading

Questions to Consider Asking Your Broker About Cyberliability Coverage

One of the first questions we ask our clients when they call about a security incident is whether they have insurance that may cover the costs associated with investigating the incident, potential forensic analysis, and coverage for a data breach. Sometimes the client will say “Yes, we have cyber coverage.” However, when reviewing the coverage … Continue Reading

Privacy Tip #192 – Combating Robocallers: California AG Hits Scam Telemarketers with $1.5M in Judgments

Like many of you, I don’t answer my cell phone unless the number pops up as someone I know, because a majority of the calls I get are spam or robocalls. It’s so frustrating. Although these calls are probably a violation of the Telephone Consumer Protection Act (TCPA), the Federal Trade Commission (FTC) – the … Continue Reading

Another California Consumer Privacy Act of 2018 Amendment—Employees and/or Job Applicants Are Not Consumers

A few weeks ago, I pondered whether the California Consumer Privacy Act of 2018 (CCPA) is still a bit of a work in progress with the introduction of a proposed amendment. Recently, another amendment was proposed by Assembly Member Edwin Chau in the form of Assembly Bill 25. Assembly Bill 25 would exclude employees and … Continue Reading

Medical Marijuana Delivery App Agrees to Settle TCPA Case for $1.75M

The “Uber of weed” app developed by Eaze Solutions, Inc. (Eaze) provides information to users about the delivery of recreational and medical marijuana throughout California. Unfortunately, Eaze allegedly violated the Telephone Consumer Protection Act (TCPA) by inundating its users with unsolicited, autodialed text messages about how to buy marijuana. The named plaintiff alleges that she … Continue Reading

Preparing for Compliance with the California Consumer Privacy Act

On the heels of working with clients on compliance with the European Union’s General Data Privacy Regulation (GDPR) and the rapidly evolving landscape of data privacy and security laws and regulations, the next hurdle to set compliance sights on for organizations is the California Consumer Privacy Act (CCPA). We have previously outlined the requirements of … Continue Reading

Federal Privacy Law – Could It Happen in 2019?

This was a busy week for activity and discussions on the federal level regarding existing privacy laws – namely the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). But the real question is, could a federal privacy law actually happen in 2019? Cybersecurity issues and the possibility of a … Continue Reading

Plaintiff Argues GoDaddy Texting Campaign Used an Autodialer

Lead plaintiff, John Herrick, in the Telephone Consumer Protection Act (TCPA) class action lawsuit against GoDaddy.com LLC (GoDaddy.com) opposed an Arizona federal judge’s May 2018 decision to grant summary judgment in favor of GoDaddy.com. The court granted summary judgment on the grounds that the platform used to send the text messages did not qualify as … Continue Reading

TCPA Class Action filed Against Medspa for Unwanted Text Messages

Last week, Florida skin care spa, Medspa Del Mar LLC (Medspa) was hit with a Telephone Consumer Protection Act (TCPA) class action in federal court for allegedly using an automatic dialing system to send unwanted text messages advertising its treatments. Lead plaintiff claims that Medspa invaded her and other class members’ privacy by sending a … Continue Reading

CCPA Part 2 – What Does Your Business Need to Know? Consumer Requests and Notice to Consumers of Personal Information Collected

This week we continue our series of articles on the California Consumer Privacy Act of 2018 (CCPA). We’ve been discussing the broad nature of this privacy law and answering some general questions, such as what is it? Who does it apply to? What protections are included for consumers? How does it affect businesses? What rights … Continue Reading

California AG’s Office Begins CCPA Rulemaking Process with Series of Public Forums

On January 8, 2019, the California Department of Justice hosted the first in a series of six public forums on the California Consumer Protection Act (CCPA). The forums offer the public an opportunity for comment in advance of the drafting of regulations by the state Attorney General’s office. These regulations are seen as being particularly … Continue Reading

UK Information Commissioner’s Office Issues Guidance on Use of Encryption and Passwords in Connection with GDPR

The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures. This month, the United Kingdom’s Information Commissioner’s Office (ICO) issued new guidance focused on two specific measures the ICO recommends that companies consider in complying with the GDPR security requirements: … Continue Reading
LexBlog