Tag Archives: California

Cities Consider Banning the Use of Facial Recognition Technology

In the footsteps of San Francisco’s ban of the use of facial recognition technology, the cities of Somerville, Massachusetts, Oakland, California, and Berkeley, California are considering banning the use of facial recognition technology by municipal agencies. The proposed ban is in the midst of more and more cameras and smart technology being used for traffic … Continue Reading

Oregon’s New IoT Law

Oregon became the latest state to require manufacturers of internet “connected devices” that make, sell or offer to sell the devices in the state to equip the device with “reasonable security features” according to Oregon House Bill 2395 amending ORS 646.607. According to the law, “[R]easonable security features” means methods to protect a connected device … Continue Reading

Model Rule for Securities Administrators Approved by NASAA

The North American Securities Administrators Association (NASAA) this week approved an information security model rule package aimed at improving the cybersecurity posture of the 17,543 state-registered advisers. The proposed model would require state-registered investment advisers to establish written cybersecurity policies and procedures designed to safeguard clients’ records and information, and to deliver its privacy policy … Continue Reading

Cottage Health Settles with OCR for $3M

We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $3 million in regard to a security incident that occurred in 2013. On February 7, 2019, the Office for Civil Rights (OCR) issued a press release that it settled HIPAA violations in December … Continue Reading

California Law IoT Devised to Have “Reasonable Security Feature”

On September 28, 2018, California passed Senate Bill No. 327, Chapter 886, which regulates the security of all internet of things (IoT) devices sold in California.  Collectively, IoT broadly refers to all internet-enabled devices and includes everything from doorbells and lamps to cell phones and wearable devices. This bill, beginning on January 1, 2020, will … Continue Reading

Judge Rules Biometric Identifiers Can’t Be Used to Unlock Phone

A federal magistrate judge in California has ruled that law enforcement personnel may not require suspects to unlock their phones with biometric identifiers like a fingerprint, iris scan or facial recognition, saying the practice is unconstitutional. The decision followed the request for a search warrant in an extortion case. The prosecutors asked for an order … Continue Reading

California AG’s Office Begins CCPA Rulemaking Process with Series of Public Forums

On January 8, 2019, the California Department of Justice hosted the first in a series of six public forums on the California Consumer Protection Act (CCPA). The forums offer the public an opportunity for comment in advance of the drafting of regulations by the state Attorney General’s office. These regulations are seen as being particularly … Continue Reading

Parties Seek to Settle Yahoo Data Breach Class Action for $50M

We previously wrote about the Yahoo data breaches, subsequent class action pending in California, and the company’s estimate of potential settlement costs. Based on the Plaintiffs’ recent Motion for Preliminary Approval of Class Action Settlement, filed on October 22, 2018, the parties have tentatively agreed to settle the case for $50,000,000 in settlement funds, $35,000,000 … Continue Reading

California Tackles IoT Security with New Bill

The State of California is once again leading the way with trying to keep up with technology and protecting consumers. Senate Bill 327 requires Internet of Things (IoT) developers to implement “reasonable security features” in IoT products, such as baby monitors, televisions, automobiles, home appliances, fitness monitors, home security systems, and the like. This is … Continue Reading

Adidas Removes Putative Class Action Suit Arising Out of the Data Breach Announced Earlier this Year

On June 28, 2018, Adidas released a statement announcing that it recently “became aware that an unauthorized party claims to have acquired limited data associated with certain Adidas consumers.” Adidas believed the breach was limited to contact information, usernames and encrypted passwords, and not any stored credit card or fitness information, relating to millions of … Continue Reading

Amended California Privacy Law Sent to Governor for Signature

We have previously reported on the anticipated impact of the new California Privacy Law—the California Consumer Privacy Act (“the Act”) [view related post]. The first amendment to the Act, (most likely be the first of many amendments) recently obtained approval from state lawmakers and is on its way to Governor Jerry Brown for signature. The … Continue Reading

Close to 2,000 FAA UAS Waivers in Two Years

Last week, on the two-year anniversary of the small Unmanned Aircraft Systems (UAS) rule (or Part 107), a report was released by the Association of Unmanned Vehicle Systems International (AUVSI) stating that the Federal Aviation Administration (FAA) has granted approximately 2,000 waivers since the inception of Part 107. Part 107 sets forth certain parameters and … Continue Reading

Industry Groups Push for Modifications to California Consumer Privacy Act

As previously detailed, the California Consumer Privacy Act of 2018 was hastily passed by the California legislature as a compromise designed to avoid a more far-reaching ballot initiative. Recognizing the need to clarify various drafting errors, the drafters are currently working on Senate Bill 1121, intended to clarify certain provisions of the Act and to … Continue Reading

Parties Seek to Centralize Saks/Lord & Taylor Data Breach Litigation

As we noted earlier this year, Saks Fifth Avenue LLC, Saks Incorporated, and Lord & Taylor previously disclosed, on April 1, 2018, that some of their customers’ personal information may have been compromised in a data breach. Those companies all share the Canadian business group Hudson’s Bay Company (collectively with Lord & Taylor LLC, Saks … Continue Reading

ReadyTech Settles With FTC Over Claims of Participation in Privacy Shield

Although the U.S. – E.U. Privacy Shield Framework has been intensely criticized by E.U. authorities, the Federal Trade Commission (FTC) continues to enforce violations of it by U.S. companies. On July 2, 2018, the FTC issued a press release stating that it has settled its complaint against ReadyTech, a California-based online training company for “falsely” … Continue Reading

California Enacts “GDPR-Esque” Privacy Law

On June 28, 2018, the California State Legislature passed, and Governor Jerry Brown signed, the California Consumer Privacy Act of 2018, bringing to the United States many of the rights and compliance obligations currently being applied by the European Union through its General Data Protection Regulation (GDPR). Effective January 1, 2020, the Act gives California … Continue Reading

Ten Drone Test Sites Expand States’ Regulatory Role

At test sites in 10 states –Alaska, California, Florida, Nevada, North Dakota, North Carolina, Kansas, Oklahoma, Virginia and Tennessee – the U.S. Department of Transportation (DOT) granted local-backed drone projects special licenses to test new ways of flying. At these test sites, drone package delivery and nighttime flights will be conducted, which are typically prohibited … Continue Reading

California Consumer Privacy Act Likely to Appear on Ballot in November

Businesses are understandably focused this week on the looming effective date for the European Union’s General Data Protection Regulation (GDPR). For U.S. businesses, however, a proposed law closer to home would raise similar compliance burdens and create potential litigation risks. This November, voters in California will likely vote on whether to pass a ballot initiative, … Continue Reading

Walmart’s Patent for Drone Customer Service

Walmart recently filed a patent for drones to aid their shoppers inside their stores –that is, a shopper would use a mobile device, provided by the store, to request a drone, and then direct the drone to conduct a price verification of a product or  to guide the customer to a particular product through the … Continue Reading

Facebook Can’t Shake Illinois Biometric Proposed Class Action Case

We have previously reported on Facebook’s fight against a proposed class action case alleging violation of the Illinois Biometric Information Privacy Act (BIPA). Facebook continues to fight the allegation that its collection and storage of users’ and non-users’ facial scans through the use of facial recognition technology violates BIPA, and has filed a Motion to … Continue Reading

Rail Inspection Firm Acquires Drone Services Company

American Rail Engineers Corp. (ARE), based in Irvine, California, recently acquired a New Hampshire drone services company, Media Wing, LLC (Media Wing), to conduct geographic information system (GIS) mapping and data analytics and enhance ARE’s remote sensing and data processing capabilities. ARE is a bridge management and safety services business for private railroads and public … Continue Reading
LexBlog