Recently, the US Department of Homeland Security’s (DHS) Cybersecurity & Infrastructure Security Agency (CISA) issued a notice of proposed rulemaking (NPRM) which, if adopted, would require “covered entities” of critical infrastructure to report “substantial cyber incidents” to CISA within 72 hours, and to report ransomware payments within 24 hours.
Illinois Biometric Information Privacy Act (BIPA) class action lawsuits were heavily litigated again in 2022, as plaintiffs continued to target companies using biometric technology and their vendors. At the same time, avoiding liability continued to be a challenge for businesses defending BIPA cases
According to a recent unpublished Ninth Circuit ruling, obtaining consent prior to using recording technologies is required for purposes of the California Invasion of Privacy Act (CIPA). This ruling is notable for website operators as it signals obtaining targeted consent.
Five new state omnibus privacy laws have been passed and will go into effect in 2023.
Organizations should review their privacy practices and prepare for compliance with these new privacy laws.
The Federal Trade Commission (FTC) recently cracked down on Lithionics Battery, LLC, and Lions Not Sheep Products, LLC, for violating the FTC’s Made in USA Labeling Rule. These are some of the first enforcement actions after the FTC codified its longstanding informal Made in USA guidance.
As technology becomes increasingly a part of student learning, education technology (ed tech) companies, parents, and educators should stay abreast of children’s privacy rights under the Children’s Online Privacy Protection Act (COPPA).
Over half a decade after the industry developed its own standards in light of a lack of meaningful guidance from regulators, the Department of Justice recently issued a guidance document on compliance with the Americans with Disabilities Act (ADA) for website accessibility.
The California Senate appropriations committee recently blocked a bill that would have significantly strengthened consumer rights under the California Consumer Privacy Act of 2018 (CCPA).
Within hours of its unanimous passing in both the California State Senate and Assembly, Governor Jerry Brown signed the strongest online privacy law in the country, the California Consumer Privacy Act of 2018.
Major regulatory changes in data governance recently went into effect in Japan and China that are likely to impact organizations doing business in these Asian markets.
An Executive Order from President Trump’s first days in office raised questions about its impact on the hard-won Privacy Shield, which allows about 1,700 companies to legally transfer data between the EEA and Switzerland and the US.
The Federal Trade Commission (FTC) recently issued guidance for both businesses and consumers on defending against ransomware, both of which are based on lessons learned from the FTC’s recent ransomware workshop, with panelists that included security researchers, technologists, law enforcers, and bu