Texas

Privacy teams have more to do with Gov. Abbot signing the Texas Data Privacy and Security Act, also known as TX HB 4 (the “Act”), after several last minute amendments. This is in addition to new comprehensive privacy laws from Tennessee (also amended late in the game before submission to the Governor), Indiana, Iowa, Montana and Florida that have passed this spring alone.

Importantly, there is not a minimum number of records processed or annual revenue threshold for businesses to be in the scope of the law. It has broad applicability to companies who do business in the state and who process or sell personal data. It does contain the usual entity and data level exceptions (e.g., GLBA, HIPAA, FCRA, etc.) and explicitly excludes data collected in the human resources or business-to-business context.
Continue Reading Don’t Mess with Texas: The Lone Star State Enacts Comprehensive Consumer Privacy Law

After several days of deliberating, a jury today convicted Uber Technologies Inc.’s (“Uber’s”) former chief security officer (the “Former CSO”) of criminal obstruction and concealing the theft of personal data of fifty million Uber customers and seven million Uber drivers from the Federal Trade Commission (“FTC”).

Recall that back in 2016, two hackers stole data

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

CPW’s Shea Leitch and Kyle Dull to Speak at ACC South Florida’s 12th Annual CLE Conference

CPW’s David Oberly

By now, most CPW readers are very familiar with the term “BIPA”—the acronym used for Illinois’s game-changing biometric privacy law, which has led to a barrage of class action litigation pursued against companies that use biometric data in their commercial operations. BIPA is not, however, the only biometric privacy law on the books that presents