data privacy

The past week witnessed two major developments relating to data export from China. On one hand, the data export-related regulation was officially adopted which expands the scope of government assessment. On the other hand, the long-awaited draft personal data export standard contract and the rules relating to the application of the contract were released for

The California Privacy Protection Agency (“CPPA” or “Agency”) hosted its first public meeting yesterday following publication of the first draft of proposed regulations (“Regs”) (on May 27) and the initial statement of reasons (“ISOR”) on June 3. Immediately below, we summarize highlights of the meeting held by the CPPA, including taking a further step towards

Connecticut is gearing up to be the next state with a comprehensive privacy law. On April 28, 2022, the Connecticut General Assembly passed SB 6, “An Act Concerning Personal Data Privacy and Online Monitoring,” which is currently with the governor awaiting signature.  Of the state laws that have passed, SB 6 is most similar to the Colorado Privacy Act (“CPA”), Virginia Consumer Data Protection Act (“CDPA”), and Utah Consumer Privacy Act (“UCPA”). For example, under SB 6, the terms “controller,” “processor,” and “personal data” have similar definitions as under the CPA, CDPA, and UCPA.
Continue Reading Connecticut General Assembly Passes Comprehensive Privacy Bill

As we covered at the end of last month, the California Attorney General is targeting loyalty programs in a recent enforcement sweep alleging noncompliance with the California Consumer Privacy Act (CCPA). CPW’s Kyle Dull, a Senior Associate in Squire Patton Boggs Data Privacy, Cybersecurity & Digital Assets Practice, was recently interviewed by Law360 concerning businesses’ data practices in the operation of their loyalty programs. You can check out the Law360 article and his comments here. From the article:
Continue Reading Loyalty Program CCPA Compliance: Kyle Dull Talks to Law360

‘Tis the season.

Cybercrimes always increase during the holidays, but this year could reach new threat levels. With COVID-19 (and as confirmed by the decreased Black Friday foot traffic versus the increased Cyber Monday sales), Americans are expected to do most of their holiday shopping online this year.  In response to this development, the Cybersecurity

The Eleventh Circuit recently took a huge bite out of consumers’ ability to bring class actions. In Muransky v. Godiva Chocolatier, Inc., 2020 U.S. App. LEXIS 33995 (11th Cir. Oct. 28, 2020) (en banc), the court uprooted the circuit’s plaintiff-friendly view of standing and forcefully held that consumers can’t sue for technical statutory violations.

CCPA-California-Consumer-Privacy-Act

On March 11, 2020, the California Attorney General (“AG”) published a second round of modifications to the proposed regulations under the California Consumer Privacy Act of 2018 (“CCPA”). The AG initially published the proposed regulations in October 2019 and then published modifications to such proposed regulations in February 2020. The deadline for submitting comments on this draft of modifications to the proposed CCPA regulations is Friday, March 27, 2020, at 5:00 p.m. PDT.

The March 27, 2020, 5:00 p.m. timetable indicates that the final rules may be in force before the July 1, 2020, deadline set by the CCPA. Organizations currently working toward CCPA compliance should expect the AG to commence investigative activity as soon as the rulemaking process concludes.

What Has Changed?

The modifications are generally minor and technical, with a few exceptions. The modifications were made in response to approximately 100 comments received on the second draft of the proposed regulations that were submitted to the AG’s office between February 7, 2020 and February 25, 2020.

The most recent modifications to the proposed regulations include the following:
Continue Reading California Attorney General Proposes Further Modifications to Proposed CCPA Regulations