On October 11, 2024, following the filing of a lawsuit against TikTok by the Kentucky Attorney General, Senators Richard Blumenthal (D-CT) and Marsha Blackburn (R-TN), who authored the bipartisan “Kids Online Safety Act,” requested that TikTok CEO Shou Chew provide all “documents, communications, and research held by TikTok regarding the safety of minors on
Connecticut
Update on Connecticut’s Consumer Privacy Law: How Has it Been Enforced?
The Connecticut Data Privacy Act (CDPA), which became effective on July 1, 2023, provides Connecticut residents with certain rights over their personal information and establishes responsibilities and privacy protection standards for businesses that process personal information. Notably, the CDPA allows businesses a 60-day cure period to correct violations without penalties through the end of 2024.
CPRA Enforcement Postponed to March 2024
This week, the California Superior Court ruled that the California Privacy Protection Agency (CPPA) cannot begin enforcement of the California Privacy Rights Act (CPRA) until March 2024. The ruling stems from a lawsuit filed by the California Chamber of Commerce which argued that state businesses would not have enough time to prepare for the upcoming…
Drones in Agriculture, Research Paving the Way for Better Crop Management
At Belltown Hill Orchards in Glastonbury, Connecticut, a new vehicle is hitting the farm: unmanned aerial vehicles, or better known as drones. Drones are a new frontier for farmers who want to keep track of their crops and gather data on plant health. Using drones in this way will save farmers time; with drone technology,…
Eversource Energy Notifies Customers of Data Breach
Eversource Energy, which is the largest energy supplier in New England with 4.3 million customers in Connecticut, Massachusetts, and New Hampshire, is notifying customers that their personal information was compromised on an unsecured cloud server.
The personal information that was compromised includes names, addresses, telephone numbers, Social Security numbers, services addresses, and account numbers. The…
Vehicle Inspections in Multiple States Disrupted by Malware
Applus Technologies, Inc., a vendor of multiple state Departments of Motor Vehicles that assists states with vehicle inspections, recently announced that its systems have been affected by malware, disrupting motor vehicle inspections in Connecticut, Georgia, Idaho, Illinois, Massachusetts, New York, Texas, and Utah. As a result of the outage, vehicle inspections have not been able…
Consumer Reports Releases Model State Privacy Act – More States Introduce Consumer Privacy Legislation
This week, Consumer Reports published a Model State Privacy Act. The Consumer advocacy organization proposed model legislation “to ensure that companies are required to honor consumers’ privacy.” The model legislation is similar to the California Consumer Privacy Act, but seeks to protect consumer privacy rights “by default.” Some additional provisions of the model law…
CafePress to Pay $2 Million in Multi-State Data Breach Settlement
On December 18, seven states have entered into a settlement agreement with e-retailer Cafe-Press for $2 million stemming from a 2019 data breach that exposed information of approximately 22 million consumers. The breach affected consumers’ personal information, including usernames and passwords, Social Security numbers, and/or Taxpayer Identification numbers.
Of the $2 million, $750,000 will be…
City of Hartford Hit with Ransomware Attack, Causing School Delay
Cyber-attackers know that city and town officials have been gearing up for the start of school and the potential for remote learning, in school or a hybrid model all summer. The daily monitoring of the coronavirus has kept officials alert and flexible as they focus on the start of school.
Cyber-attackers also know that cities…
Connecticut Insurance Department Reminds Licensees to Comply with Data Security Law
On July 20, 2020, the Connecticut Insurance Department issued a bulletin to licensees reminding them that the Connecticut Insurance Data Security Law (“Act”) becomes effective on October 1, 2020 and providing guidance on compliance.
The Act requires “all persons who are licensed, authorized to operate or registered, or required to be licensed, authorized or registered…