Insights on Privacy, Data Protection & Data Security

The California Consumer Privacy Act (CCPA) is a new landmark privacy law that formally went into effect on January 1, 2020, imposing additional requirements on covered entities, including data brokers.

Headlines that matter for privacy and data security.

The Recorder has selected Eva Pulliam, a Senior Associate in Arent Fox’s Privacy, Cybersecurity & Data Protection group, as a “Next Generation Leader” in their 2018 list of Women Leaders in Tech Law.

Starting on January 1, 2020, automotive dealers will need to comply with the strongest online privacy law in the United States, the California Consumer Privacy Act of 2018.

This August, Ohio became the first state in the nation to pass a law incentivizing organizations to develop a strong data protection and cybersecurity program.

Last week, the Supreme Court heard arguments in Lamps Plus, Inc. v. Frank Varela, a case with major implications for companies seeking to avoid class arbitration.

Colorado’s new consumer data protection law, the Protections for Consumer Data Privacy Act, took effect September 1 and companies now have another set of requirements to comply with for their data privacy compliance.

Starting on January 1, 2020, fashion and retail companies from around the world will need to comply with the strongest online privacy law in the United States, the California Consumer Privacy Act of 2018.

This two-part article on how the courts have analyzed claims for coverage under traditional crime policies, protocols, and procedures that companies can use to reduce the risk of falling victim to cyber phishing scams appeared in Pratt’s Privacy & Cybersecurity Law Report.

Arent Fox San Francisco Managing Partner and Sports Practice Group Leader Rich Brand and Privacy, Cybersecurity & Data Protection Senior Associate Eva Pulliam co-authored the article, “Faces in the Crowd: Legal Considerations for Use of Facial Recognition Technology at Sports Arenas.”

We are pleased to provide you with the new, 2018 version of the Arent Fox Survey of Data Breach Notification Statutes.

The General Data Protection Regulation, commonly referred to as the “GDPR,” has been in force for only two months now, but it appears to have already claimed a casualty.

Following the US Supreme Court’s narrow ruling in Carpenter v. United States, 585 US ___ (2018) questions have arisen regarding whether this interpretation would remain limited or be expanded in future privacy disputes that came before the High Court.

The Supreme Court of the United States recently tackled privacy in the mobile age and agreed that cell phone location is something that is protected.

Within hours of its unanimous passing in both the California State Senate and Assembly, Governor Jerry Brown signed the strongest online privacy law in the country, the California Consumer Privacy Act of 2018.

South Carolina has become the first state to enact an insurance data security act based on the Insurance Data Security Model Law drafted by the National Association of Insurance Commissioners, which is based on New York’s Cybersecurity Regulations (23 N.Y.C.R.R. Part 500).

On March 28, 2018, the Governor of Alabama, Kay Ivey, signed SB 318, the Alabama Data Breach Notification Act, which becomes effective June 1, 2018. Alabama is just behind South Dakota, which enacted its data breach notification statute this past March.

Arent Fox is pleased to announce the launch of a new Blockchain group that pulls together attorneys from a number of the firm’s top practices to help clients navigate this emerging technology.

On March 21, 2018, South Dakota became the forty-ninth state to enact a data breach notification statute, which becomes effective July 1, 2018.

New York’s highest court has rejected Lindsay Lohan’s invasion of privacy claims against the developer of the Grand Theft Auto video games.

Got blockchain? For many, the answer to this question is “no” but the technology and the medium of exchange built on it have arrived and many platforms and industries are looking to see how it can help facilitate transactions and allow for more efficiencies.

In an attempt to unite disparate regulatory decisions covering cryptocurrency activity in New York, the New York State Assembly has introduced a new bill creating a comprehensive certification scheme for cryptocurrency businesses that includes protections for investors.

In Rosenbach v. Six Flags, the Illinois Supreme Court addressed the threshold issue of who is considered an “aggrieved” person capable of suing under the private right of action provided for in Illinois’ Biometric Information Privacy Act. 

Matthew Prewitt is a member of the drafting team for The Sedona Conference Commentary on BYOD: Principles and Guidelines for Developing Policies and Meeting Discovery Obligations.

In a recent European Court of Justice Ruling, the court held that a test taker’s answers and an examiner’s comments with regard to those answers are personal data, while valuable proprietary test questions are not.