As I wrote about previously on our blog, the Massachusetts Right to Repair amendment passed in November is up against a lawsuit from auto manufacturers. Now, the Massachusetts’ Attorney General’s office has responded stating that the state law does not conflict with any federal statute and that voters already rejected all of the lawsuits allegations.
Massachusetts Ballot Question 1 Still on the Forefront as Automakers Sue to Block its Implementation
By Kathryn Rattigan on
Posted in Data Privacy
A group of automakers through the Alliance for Automotive Innovation is suing Massachusetts in federal court to block the new ‘Right to Repair’ law that passed on November 3rd. This law was known as “Question 1” to Massachusetts residents hitting the polls earlier this month. As we discussed in our prior blog post, the…
Introducing the New York SHIELD Act
By Kathryn Rattigan on
Posted in Enforcement + Litigation
The New York “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act), N.Y. Gen Bus. Law§ 899-bb, requires businesses that collect private information on New York residents to implement reasonable cybersecurity safeguards to protect that information. While this is a new law in the State of New York, it is simply joining other states,…
New Hampshire Enacts Insurance Data Security Law
By Linn Foster Freedman on
Posted in Data Security
New Hampshire Governor Chris Sununu recently signed the New Hampshire Insurance Data Security Law, which “establishes the exclusive state standards applicable to licensees for data security, the investigation of a cybersecurity event…, and notification to the commissioner.” The law is applicable to all persons or entities licensed, authorized to operate, registered or required to be…
Cities Consider Banning the Use of Facial Recognition Technology
By Linn Foster Freedman on
Posted in New + Now
In the footsteps of San Francisco’s ban of the use of facial recognition technology, the cities of Somerville, Massachusetts, Oakland, California, and Berkeley, California are considering banning the use of facial recognition technology by municipal agencies. The proposed ban is in the midst of more and more cameras and smart technology being used for traffic…
GozNym Malware Attack Hits Two Law Firms for Over $117K in Losses
By Deborah George on
Posted in Enforcement + Litigation
Two law firms were among the latest victims of the GozNym malware attack that caused a combined loss of more than $117,000. Law enforcement authorities recently announced the dismantling of a cybercrime network that used this GozNym malware to attempt to steal an estimated $100 million from victims in the United States and around the…
States Legislate Cybersecurity Requirements for Insurance Companies
By Linn Foster Freedman on
Posted in Cybersecurity
Following in the footsteps of the New York Department of Financial Regulation (NYDFS) in enacting cybersecurity requirements for the financial services industry, and in response to massive data breaches in the insurance industry, a wave of states have either enacted or are pursuing legislation aimed at regulating the cybersecurity measures of insurance companies.
In 2017,…
Utah – The First State to Require a Warrant for Third-Party Data
By Deborah George on
Posted in Data Privacy, Websites
We write about data breaches and privacy issues all the time. We are desensitized in some ways to the fact that our privacy may have been, or will be, compromised and, quite frankly, many people now distrust some of the very companies with which they shared their information. California led the way regarding privacy legislation…
Data Privacy & Security Considerations in Mergers & Acquisitions Due Diligence
By Linn Foster Freedman on
Posted in New + Now
It has long been standard practice to include data privacy and security due diligence in mergers and acquisitions for technology companies. Over the last several years, there has been an increase in data breaches which are costly and damaging to a company’s brand, and therefore, we have seen an uptick in companies including detailed requests…
Do You Have a WISP?
By Linn Foster Freedman on
Posted in New + Now
Although the Massachusetts Data Security Regulations went into effect March 1, 2010, I still find that many companies have not implemented a Written Information Security Program (WISP) and don’t know that they are required to do so.
According to the regulations, any companies or persons who store or use personal information of a Massachusetts resident…