Although numerous attempts have been made to pass a comprehensive U.S. privacy law over the years, this one might actually succeed. Efforts have begun on multiple fronts. From Senate Commerce Committee hearings to several federal agencies vying for which will lead a federal regulatory effort, privacy is a hot topic in Washington, DC. Businesses should take immediate action to enter the discussions if they have not already done so. Comments on a proposed federal framework are due October 26, 2018. The Commerce Committee will hold additional hearings in October. Industry is coming to the table in an attempt to avoid facing a jumble of inconsistent state privacy laws.
By: Joseph Lynyak, Robert Cattanach, and Sam Bolstad 1. Introduction On June 28, 2018, the California Legislature unanimously passed, and the Governor immediately signed, a sweeping expansion of data privacy protections for residents of California.1 Assembly Bill No. 375, entitled the “California Consumer Privacy Act of 2018” (the “CCPA”), goes far beyond current U.S. privacy protections,… Read More
In what could be a harbinger of things to come for business models negatively impacted by the throttling of data flow under the European Union’s General Data Protection Regulation (“GDPR”), Nielsen Holdings (“Nielsen”) was named in a putative class action complaint on August 22, 2018, for allegedly misrepresenting the anticipated effects of GDPR on Nielsen’s business model. Importantly, the class action takes aim not at Nielsen’s ability to comply with GDPR, but rather the effects of GDPR on the big data platforms used by Nielsen. Nielsen provides consumer market analytics, particularly regarding digital media and e-commerce. When big data platforms and associated analytic providers began restricting access to consumer data in order to comply with GDPR, it apparently negatively impacted Nielsen’s business model. Those effects surfaced in Nielsen’s latest Q2 financial report, causing its stock to drop by more than 25 percent, and giving rise to the class action claims.
Financial institutions that are grappling with how the European Union’s General Data Protection Regulation (“GDPR”)may impact their U.S. operations should also be keeping a close eye on the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA, or Assembly Bill (“AB”) No. 375, which was passed on June 28, 2018 and is set to take effect in 2020, mirrors some GDPR protections by providing California residents greater control over the dissemination of their personal data, including the option of barring companies from selling their data.
Back in 1972, California voters added privacy to the state constitution’s list of inalienable rights. On June 28, 2018, the California Legislature enacted and Governor Brown signed the California Consumer Privacy Act of 2018. The new Privacy Law creates one of the most comprehensive frameworks for regulating digital privacy in the United States.
On June 1, China’s new Cybersecurity law took effect. The new law applies not only to domestic Chinese companies but has wide-ranging implications for U.S. and other foreign companies doing business in China.
On 10 January 2017, the European Commission announced its proposal for new legislation which would update the law relating to privacy in electronic communications. The Commission has proposed a draft ePrivacy regulation that would repeal and replace the existing ePrivacy Directive (2002/58/EC) (“ePrivacy Directive”). The draft regulation aims to further the Commission’s Digital Single Market Strategy by complementing and conforming privacy rules in the telecommunications sector with the General Data Protection
On November 7, 2016, the Standing Committee of China’s National People’s Congress promulgated the Cybersecurity Law of the People’s Republic of China (hereinafter referred to as the “CSL”) to become effective on June 1, 2017. While the law purports to create an overall national cyber security plan, its provisions, some of which are still vague, create significant potential uncertainties for companies doing business in China.
Ransomware. It’s a data security buzzword that has caught on among civilians and businesses. And it’s real. It threatens system security and costs victims plenty. But what is ransomware? Why is it more of a threat than typical cyber viruses and infections? What do you do to keep yourself immune from ransomware? If affected, what are your options?
Microsoft scored an important victory when the Second Circuit ruled that the government is not authorized to issue warrants for customer data stored overseas. In re Warrant to Search a Certain E-mail Account Controlled & Maintained by Microsoft Corp. should offer a level of comfort for the cloud computing industry as a whole and for U.S. companies that have an international storage footprint.