Data Privacy

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Privacy World’s Kristin Bryan talks to Bloomberg Law on the Supreme Court’s In re Grand Jury Dismissal | Privacy World

2022 saw cases continue to be filed under the California Consumer Privacy Act (“CCPA”), although perhaps reflecting the increasing reliance of the plaintiffs’ bar on negligence and tort-based privacy claims concerning a defendant’s alleged failure to maintain “reasonable security,” the number of cases of CCPA based claims declined. Read on for Privacy World’s highlights of

California Attorney General Rob Bonta announced today an investigative sweep of mobile apps, focused on popular apps in the retail, travel, and food service industries that fail to comply with the California Consumer Privacy Act (CCPA). According to a press release, the sweep is focused on apps that allegedly fail to comply with consumer opt-out requests or do not offer any mechanism for consumers who want to stop the sale of their data. The press release also highlights enforcement in relation to handling of agent requests, namely through an agent service created by Consumer Reports called “Permission Slip.”

Continue Reading California AG Announces CCPA Compliance Sweep of Mobile Apps ahead of Data Privacy Day

Last summer, the Court of Appeals for the Ninth Circuit buoyed plaintiffs’ lawyers  interest in “session replay” software when it revived a putative class action against a website operator and a session replay software provider for violations of the California Invasion of Privacy Act (CIPA).  Earlier this month, addressing issues left by the Ninth Circuit

Privacy World has been talking about the importance of data inventories for years. Why? Because it is next to impossible to build a compliant privacy and data security program without first doing a data inventory. A data inventory will serve as a roadmap to help a company meet various privacy and security compliance milestones. Yet, completing a data inventory is one of the hardest and most daunting parts to building a privacy program. At least it was for Katy when she was in-house as a Global Data Protection Officer. The alternative to proactively creating a data inventory is trying to hastily create one during the middle of an incident response or responding to a regulatory demand, which Katy and Shea have seen numerous times helping clients during a crisis. Indeed, building a data inventory during a time of turmoil is the worst time to confirm a company’s data processing practices, and we want to help you avoid this worst-case scenario as you work to build out your 2023 privacy and data security compliance action plan.
Continue Reading Kick Start Your Data Inventory Project in 7-Steps

2022 was another year of high activity and significant developments in the realm of artificial intelligence (“AI”) and biometric privacy related matters, including in regard to issues arising under the Illinois Biometric Information Privacy Act (“BIPA”) and others.  This continues to be one of the most frequently litigated areas of privacy law, with several notable rulings and emerging patterns of new activity by the plaintiffs’ bar.  Following up on Privacy World’s Q2 and Q3 2022 Artificial Intelligence & Biometric Privacy Quarterly Newsletters, be sure to read on for a recap of key developments and insight as to where 2023 may be headed.

Continue Reading Privacy World 2022 Year in Review: Biometrics and AI

The IAPP has gathered predictions from privacy professionals in 56 nations across six continents in their publication 2023 Global Legislative Predictions. Charles Helleputte and Diletta De Cicco provide their predictions for Belgium.
Continue Reading 2023 Global Legislative Predictions – Belgium

The California Privacy Protection Agency Board (“Board”) announced it will hold a public meeting on February 3, 2023. The posted meeting agenda shows the potential for rulemaking activity during the Board’s first meeting of 2023. Specifically, the agenda items include: “Discussion and Possible Action Regarding Proposed Regulations, Sections 7000–7304, to Implement, Interpret, and Make Specific the California Consumer Privacy Act of 2018, as Amended by the California” and “Preliminary Rulemaking Activities for New Rules on Risk Assessments, Cybersecurity Audits, and Automated Decision-Making.” The full agenda is available here.
Continue Reading Potential Rulemaking on the Horizon: CPPA Board Announces February Public Meeting

Last week, a federal court in California dismissed a complaint concerning allegations that Otonomo, a data broker that partnered with car manufacturers, “used electronic devices in [drivers’] cars to send real-time GPS location data directly to [defendant],” allowing Otonomo to track drivers’ location in real-time.  Read on to learn more about what this means for