Leveraging Knowledge to Manage Your Data Risks
On April 21, 2025, the Oregon Department of Justice’s Privacy Unit reported a “big spike” in complaints about the Department of Government Efficiency (DOGE) in the first quarter of 2025.
The report stated, “Specifically, Oregonians are concerned about how government entities are handling their personal information. As of March 31, 2025, the unit had received…
On March 27, 2025, a class action lawsuit was filed against the education technology (EdTech) company Instructure, the parent company of Canvas, a popular learning management system. The complaint alleges that Instructure violated children’s federal and state privacy rights. According to the complaint, Instructure states that it collects various account information about children, including name…
I am not sure what the rush was to make the JFK assassination files available, but the perceived urgency caused Social Security numbers of individuals involved in the investigation to be released to the public. Although The Washington Post found 3,500 Social Security numbers in the documents, it is estimated that many were duplicates…
We have repeatedly warned our readers about malicious QR codes and their use by threat actors.
Threat actors are now using these codes to disguise packages as gifts. Upon opening the package, recipients find a note with instructions to scan a QR code to identify the sender. The code launches a website that asks for…
I was preparing to teach my next privacy law class on the subject matter of online privacy, when I discovered a good article (though in full disclosure, it is an ad) on protecting your privacy and personal information online. I have written about different ways to protect your privacy during online activities, but since technology…
The Chicago Public Schools system is in the process of notifying students, families and some current and former employees that their personal information was compromised as a result of a ransomware attack against a technology vendor, Battelle for Kids.
According to the notification letter, parents of students who attended a Chicago public school between…
The California Privacy Rights Act (CPRA) recently qualified for the November 2020 ballot, and if California voters approve this initiative, the CPRA will expand the rights of California residents under the current (stringent) California Consumer Privacy Act (CCPA), beginning on January 1, 2023.
So what will change under the CPRA?
…
This week we continue our series of articles on the California Consumer Privacy Act of 2018 (CCPA). We’ve been discussing the broad nature of this privacy law and answering some general questions, such as what is it? Who does it apply to? What protections are included for consumers? How does it affect businesses? What rights…
On June 28, 2018, the California State Legislature passed, and Governor Jerry Brown signed, the California Consumer Privacy Act of 2018, bringing to the United States many of the rights and compliance obligations currently being applied by the European Union through its General Data Protection Regulation (GDPR). Effective January 1, 2020, the Act gives California…
On June 4, 2018, Connecticut Governor Dannel P. Malloy signed into law Public Act No. 18-90 “An Act Concerning Security Freezes on Credit Reports, Identity Theft Prevention Services and Regulations of Credit Rating Agencies” (P.A. 18-90). This bill makes several revisions to Connecticut laws concerning identity theft, most notably by newly prohibiting credit…
