Connecticut

Data Protection Impact Assessments: Are You Ready?

By Alan Friel & Sasha Kiosse on May 11, 2023

Posted in Automated Employment Decision Tools (AEDT), CAADCA, California, CCPA, Colorado, Connecticut, Connecticut Privacy Act (CTPA), CPA, Data Privacy, Data Protection Impact Assessment, DPIA, Florida, ICPDA, Indiana, Iowa, Local Law 144, Montana, Tennessee, Utah, Virgina, Virginia Consumer Data Protection Act (VCDPA)

This year has widened the landscape of consumer privacy protections, with dozens of comprehensive privacy bills moving through state legislatures and becoming enacted. So far in 2023, Iowa’s Act Relating to Consumer Data Protection (“Iowa Privacy Law”) and Indiana’s Consumer Data Protection Act (“ICDPA”) were signed into law. These two laws join the Virginia Consumer Data Protection Act (“VCDPA”), California Privacy Rights Act (“CPRA”), Colorado Privacy Rights Act (“CPA”), Connecticut’s Public Act No. 22-15 (“CTPA”), and Utah Consumer Privacy Act (“UCPA”) in the state comprehensive consumer privacy law framework. The Iowa Privacy Law becomes effective on January 1, 2025, and the ICDPA becomes effective on July 1, 2026. The VCDPA and CPRA (amending the California Consumer Privacy Act or “CCPA”) went into effect on January 1, 2023, while the CPA and CTPA go into effect on July 1, 2023. The UCPA will go into effect December 31, 2023. …
Continue Reading Data Protection Impact Assessments: Are You Ready?

Final Tennessee Privacy Act Signed into Law, Expanding Consumer Rights and Data Controller Flexibility in Developing and Measuring a Written Privacy Program that May Qualify for an Affirmative Defense to Violations of the Act

By Alan Friel & Julia Jacobson on May 4, 2023

Posted in California, Colorado, Connecticut, Data Privacy, NIST, Ohio, Tennessee, Virgina

This article was originally published on Privacy World on May 4, 2023 and was updated on May 16, 2023.

The Tennessee Information Protection Act (“TIPA”), signed into law on May 11, 2023, is a hodgepodge of the current U.S. state consumer privacy laws, but with a notable twist.

What’s the Same

Like the other state…

Julian Myles, Unsplash

2022 Privacy World Year in Review: CCPA

By Kristin Bryan, Kyle Fath, Marisol Mork & Jesse Taylor on January 30, 2023

Posted in Artificial Intelligence, Attorney General, California, California Attorney General, California Privacy Rights Act (CPRA), CCPA, CCPA, Class Action, Colorado, Compliance, Connecticut, Connecticut Privacy Act (CTPA), Cybersecurity, Data Breach, Data Privacy, General, Litigation, Privacy, Privacy Litigation, Privacy Litigation, US, Virgina

2022 saw cases continue to be filed under the California Consumer Privacy Act (“CCPA”), although perhaps reflecting the increasing reliance of the plaintiffs’ bar on negligence and tort-based privacy claims concerning a defendant’s alleged failure to maintain “reasonable security,” the number of cases of CCPA based claims declined. Read on for Privacy World’s highlights of…

Are You Ready for the 2023 Privacy Laws?

By Alan Friel on January 19, 2023

Posted in California, California Attorney General, California Privacy Rights Act (CPRA), CCPA, Colorado, Compliance, Connecticut, Privacy, US, Virgina

Amendments to the California Consumer Privacy Act (“CCPA”) went into effect on January 1 of this year, as did Virginia’s new privacy law. Virginia’s law is immediately enforceable. While the California amendments are not enforceable until July 1, 2023, on December 31, 2022 the opportunity cure violations before civil penalties could be assessed sunset (at…

Xavier Balderas Cejudo, Unsplash

BREAKING: Former Uber CSO Convicted of Criminal Obstruction and Concealment of a Felony for 2016 Data Breach Cover Up

By Kristin Bryan & Sasha Kiosse on October 5, 2022

Posted in Attorney General, California, CCPA, Class Action, Cloud, Colorado, Compliance, Connecticut, Cyber Insurance, Cybersecurity, Cybersecurity, Data Breach, Data Breach, Data Privacy, Data Privacy, Florida, FTC, General, Illinois, Litigation, Massachusetts, New York, New York, Ohio, Oklahoma, Pennsylvania, Privacy Litigation, Privacy Litigation, Ransomware, SEC, Texas, US, Utah, Virgina, Washington, Wisconsin

After several days of deliberating, a jury today convicted Uber Technologies Inc.’s (“Uber’s”) former chief security officer (the “Former CSO”) of criminal obstruction and concealing the theft of personal data of fifty million Uber customers and seven million Uber drivers from the Federal Trade Commission (“FTC”).

Recall that back in 2016, two hackers stole data…

Kyle Fath appointed to Connecticut Privacy Legislation Working Group

By Squire Patton Boggs on September 30, 2022

Posted in AI, California, Colorado, Compliance, Connecticut, Connecticut Data Privacy Act (CTDPA), Connecticut Privacy Law, Consumer Protection, Cybersecurity, Data Breach, Data Privacy, Digital Technology, General, Team News, US, Utah, Virgina

Kyle Fath, partner in the firm’s Data Privacy, Cybersecurity & Digital Assets group and Los Angeles Office, was appointed this month to serve on the Connecticut Data Privacy Act (CTDPA) working group by the joint standing committee of the Connecticut General Assembly.
…
Continue Reading Kyle Fath appointed to Connecticut Privacy Legislation Working Group

CPW Week in Review

By Kristin Bryan on September 26, 2022

Posted in AI, Articles, Biometric data, BIPA, California, California Age-Appropriate Design Code Act (AADC), California Privacy Rights Act, California Privacy Rights Act (CPRA), CCPA, CCPA, CEF, Colorado, Colorado Privacy Act, Compliance, Connecticut, Connecticut Privacy Act (CTPA), Consumer Protection, COPPA, Cybersecurity, Cybersecurity, Data Breach, Data Breach, Data Privacy, Data Privacy, Data Retention, Digital Technology, EU, European Court of Justice, GDPR, GDPR, General, Litigation, Privacy Litigation, Standard Contractual Clauses (SCCs), Team News, UK, UK Data Transfer Agreement, US, US, Utah, Utah Consumer Privacy Act (UCPA), Virginia Consumer Data Protection Act (VCDPA), Women in Data

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

2023 State Privacy Laws: How to Assess and Ensure Readiness by Year-end

Malcolm Dowden and Niloufar Massachi Discuss Vendor…

2023 State Privacy Laws: How to Assess and Ensure Readiness by Year-end

By Alan Friel, Kristin Bryan, Kyle Fath & Julia Jacobson on September 23, 2022

Posted in California, California Privacy Rights Act (CPRA), CCPA, CCPA, Colorado, Colorado Privacy Act, Compliance, Connecticut, Connecticut Privacy Act (CTPA), Cybersecurity, Cybersecurity, Data Breach, Data Breach, Data Privacy, Data Privacy, Litigation, Privacy Litigation, US, US, Utah, Utah Consumer Privacy Act (UCPA), Virgina, Virginia Consumer Data Protection Act (VCDPA)

We head into the fourth quarter on the heels of the first public California Consumer Privacy Act (CCPA) civil penalty, while also looking ahead to the new state privacy laws in Virginia, Colorado, Connecticut, and Utah and the significant updates that the California Privacy Rights Act (CPRA) will bring to the CCPA. Considering that regulations…