This week, Consumer Reports published a Model State Privacy Act. The Consumer advocacy organization proposed model legislation “to ensure that companies are required to honor consumers’ privacy.” The model legislation is similar to the California Consumer Privacy Act, but seeks to protect consumer privacy rights “by default.” Some additional provisions of the model law
new york
Governor Cuomo Announces New Proposal for a Consumer Data Privacy Bill of Rights
New York Governor Andrew Cuomo recently announced his proposal for a comprehensive data security law that will “provide New Yorkers with transparency and control over their personal data and provide new privacy protections.” The proposal also would establish a Consumer Data Privacy Bill of Rights that would guarantee “the right to access, control, and erase…
Canon Hit with Data Breach Class Action Suit by Former and Current Employees
Canon U.S.A. Inc. (Canon) was hit with a class action lawsuit in the U.S. District Court for the Eastern District of New York this week for the ransomware attack that exposed current and former employees’ personal information in November 2020. The plaintiffs reside in Ohio, New York, Florida and Illinois, and allege that Canon was…
CafePress to Pay $2 Million in Multi-State Data Breach Settlement
On December 18, seven states have entered into a settlement agreement with e-retailer Cafe-Press for $2 million stemming from a 2019 data breach that exposed information of approximately 22 million consumers. The breach affected consumers’ personal information, including usernames and passwords, Social Security numbers, and/or Taxpayer Identification numbers.
Of the $2 million, $750,000 will be…
Walmart’s COVID-19 Testing by Drone Pilot Program
If you live within a one and a half-mile radius of the east side of the Walmart store in El Paso, Texas in a single-family home, within a one-mile radius of the North Las Vegas Walmart store in a single-family home, or within a one-mile radius of the Cheektowaga, New York Walmart store, then you…
OCR Settles with NY Spine for Failure to Provide Access to Records
Continuing its enforcement priority of assisting patients with obtaining access to their health records, the Office for Civil Rights (OCR) recently settled its ninth case with a covered entity that it alleged failed to provide proper access of health records to a patient.
NY Spine Medicine, a medical practice providing neurological and pain management series…
Guidance on Using Drones for Real Estate and Construction in Dense Cities: How Much Does the Public Value Privacy? (Part II)
As our previous post stated, the commercial use of drones, or small unmanned aerial systems (sUAS), for urban real estate and construction has gained some traction with the passage of the New York City Council’s bill requiring the Department of Buildings (DOB) to study the feasibility of using sUAS to inspect building facades. With this…
Privacy Tip #251 – DOJ Charge Four Men with Defrauding Thousands of Senior Citizens in Mail Schemes
The Department of Justice recently indicted four men—two of whom are located in Canada and two in New York—for a mass-mailing scheme that bilked thousands of senior citizens out of tens of millions of dollars.
According to the indictments, the accused Canadian fraudsters sent mail to thousands of elderly individuals whose names and addresses they…
Privacy Tip #221 – How Do We Personally Prepare for a Cyber-Attack on Critical Infrastructure?
Pretty much the only time I don’t feel like I am Chicken Little predicting a massive cyber-attack is when I am with my colleagues at the FBI, Secret Service, NSA and my students in the Brown Executive Masters of Cybersecurity who are members of the military. They don’t respond to my thoughts and fears of…
New York DFS Issues Risk Alert Concerning Possible Iran Cyber-Attacks
In view of Iran’s vows to retaliate against the United States for the death of Quassem Soleimani, the NYDFS has issued an industry letter to all regulated entities regarding the need for heightened cybersecurity precautions.
The letter notes that it “is particularly concerning that Iran has a history of launching cyber-attacks against the U.S. and…