Privacy & Cybersecurity
Viewpoints
Filter by:
First-Ever CCPA Cause of Action Filed in a Federal Court, but Is This Class Claim Short-Lived?
March 25, 2020 | Blog | By Cynthia Larose
Although it may not seem like it, there are privacy-related issues to discuss beyond COVID-19. Before the state of emergency, we saw the first complaint under the California Consumer Privacy Act (CCPA) filed in a California federal court. This action, styled as Fuentes v. Sunshine Behavioral Health Group, LLC, Case No. 8:20-cv-00487 (C.D. Cal. March 10, 2020)[LINK TO PDF], arose from a data breach, which allegedly exposed highly sensitive personal and medical information of thousands of patients of Sunshine Behavioral Health Group (“Sunshine”).
Read more
Privacy In The Time of COVID-19: Engendering Customer Trust When Governments Ask For Smartphone And Other Data To Track Virus Activity
March 24, 2020 | Blog
With the advent of COVID-19, countries around the world are facing a novel challenge that affects them in unprecedented ways economically, socially, and otherwise. From a public health perspective, now perhaps more than ever before, authorities are interested in understanding more about the movement patterns of those within their borders, including where certain individuals have traveled to, who they have met with, and where they are located now.
Read more
Coronavirus and Data Protection in the Workplace: The EDPB provides key guidance for companies with employees in Europe
March 23, 2020 | Blog
Companies with employees in multiple European locations may well be feeling challenged both in keeping up with public health-driven guidance – and more recently, mandates – relating to the SARS-COV2 risks in the workplace. On top of extraordinarily urgent efforts to limit the spread of the novel coronavirus while maintaining as much business continuity as possible, companies have legitimate concerns about their data protection obligations under the General Data Protection Regulation (GDPR) and national employment laws.
Read more
FINRA Warns Member Firms of COVID-19 Related Cybersecurity Risks
March 18, 2020 | Blog | By Cynthia Larose
The Financial Industry Regulatory Authority (FINRA), the independent nongovernmental organization that writes and enforces the rules governing U.S. registered brokers and broker-dealers, has issued guidance to its member firms regarding pandemic-related planning.
Read more
New York Demands Coronavirus Emergency Plan from Crypto Firms by April 9th and Adds Requirements for Boards and CEOs
March 17, 2020 | Blog | By Cynthia Larose
The New York Department of Financial Services (NYDFS) issued guidance to financial institutions engaged in virtual currency business activities, mandating that an emergency preparedness plan from each firm be submitted to NYDFS within 30 days from March 10, 2020. The agency also outlined the respective responsibilities of the boards of directors, senior management, and CEOs (or their equivalents).
Read more
Coronavirus (COVID-19): Managing Cyber Security Risks of Remote Work
March 13, 2020 | Blog | By Christopher Buontempo, Cynthia Larose
With cases of the Novel Coronavirus (COVID-19) emerging in nearly every state, many businesses are taking swift action in an effort to curb its spread. Teleworking, “remote working,” or simply “working from home,” is a centerpiece of those efforts. While remote working arrangements may be effective to slow the community spread of COVID-19 from person to person, they present cybersecurity challenges that can be different than on-premise work.
Read more
Beware the Coronavirus Email Scams
March 6, 2020 | Blog | By Cynthia Larose
COVID-19 is not the only virus associated with the global outbreak. As predictably as night follows day, cybercriminals have been using the epidemic as a means to spread their malicious payloads. Companies should include information about cyber hygiene along with the CDC recommendations of hand washing, particularly given the potential for increased remote access to corporate IT systems.
Read more
Analysis of Modified Attorney General Regulations to CCPA – Part 5: Discriminatory Practices and Financial Incentives
February 21, 2020 | Blog | By Cynthia Larose
Wrapping up our multi-part series on the recent revisions to the CCPA draft regulations issued earlier this month by the California Attorney General’s office, we look at Article 6 pertaining to non-discrimination and financial incentives.
Read more
Health Care Data Breaches Are Increasing Both in Number and Cost
February 20, 2020 | Blog
It feels like we’ve been seeing a lot more health care breaches caused by hackers and other IT security incidents recently, and there’s a good reason why: a recent report by cloud security company Bitglass confirms that both the number of breaches and individuals affected by breaches caused by hackers and IT incidents grew significantly last year. Bitglass analyzed data from the breach portal, affectionately known as the “Wall of Shame,” published by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Pursuant to the HITECH Act, HHS is required to post a list of all reported breaches that affect 500 or more individuals. OCR classifies the types of breaches reported on the Wall of Shame, and the "Hacking/IT Incident" category includes a variety of breaches, including malicious intrusion, malware, ransomware, phishing, and general IT security failures.
Read more
Analysis of Modified Attorney General Regulations to CCPA – Part 4: Special Rules for Minors
February 20, 2020 | Blog | By Cynthia Larose
In this post, we offer insights on the revisions recently made by the California Attorney General’s office to Article 5 of its draft regulations pertaining to special rules regarding minors. Article 5 imposes special requirements on businesses that sell the personal information of children and minors. We previously reported on this part of the draft regulations.
Read more
Analysis of Modified Attorney General Regulations to CCPA—Part 3: Verification of Requests
February 19, 2020 | Blog | By Cynthia Larose
In this post, we offer insights on the revisions recently made by the California Attorney General’s office to Article 4 of its draft regulations pertaining to verification requirements. Article 4 specifies how businesses should verify consumers’ identities when they receive consumers’ data requests. We previously reported on this part of the draft regulations.
Read more
UPDATE: WPA Passes Washington State Senate
February 19, 2020 | Blog | By Cynthia Larose, Christopher Buontempo
The Washington Privacy Act has overwhelmingly passed the Washington state senate by a vote of 46-1. Similar legislation passed the state senate last year and failed in the Washington house of representatives. We will track the bill in the Washington house and update on its status.
Read more
Analysis of Modified Attorney General Regulations to CCPA – Part 2: Business Practices for Handling Consumer Requests
February 14, 2020 | Blog | By Cynthia Larose
We previously provided insights into this important portion of the regulations here. In this installment we address important revisions provided by the AG’s office to Article 3 of these regulations, several of which will have far reaching implications.
Read more
UPDATE: Analysis of Attorney General Regulations to the CCPA (as Updated February 10, 2020) – Part 1: Notices to Consumers
February 13, 2020 | Blog | By Christopher Buontempo, Cynthia Larose
Back in October, we provided a summary of Article 2 of the California Attorney General’s Initial Proposed CCPA draft regulations, which specify certain notices that must be given to consumers at the time of collection of their personal information, including consumers’ rights to opt-out of the sale of their personal information, and notices of financial incentives a business may offer in exchange for consumers’ personal information.
Read more
Friendly Reminder: HIPAA Still Applies During the Coronavirus Outbreak
February 12, 2020 | Blog
As the coronavirus remains to be an active outbreak with cases increasing within the United States, this is a good time to review how HIPAA applies in a public health emergency, including its restrictions and flexibility in these types of situations. Accordingly, last week, the Office for Civil Rights (OCR) released a helpful bulletin on how the HIPAA Privacy Rule comes into play with the coronavirus outbreak and other public health emergencies.
Read more
Updated Attorney General Regulations to the CCPA – A Series
February 12, 2020 | Blog | By Cynthia Larose
The revised draft regulations to the California Consumer Privacy Act were issued by the California Attorney General’s office on February 7, and then modified on February 10. These amendments are open for public comment under Tuesday, February 25, 2020 at 5 pm PST. Starting tomorrow, we will update our October 2019 series of analyses of the various provisions of the draft regulations and operational impacts.
Read more
California AG Issues Revised Draft CCPA Regulations
February 10, 2020 | Blog | By Cynthia Larose
Late in the afternoon on Friday, the California Attorney General dropped the long-awaited revised draft regulations implementing the California Consumer Privacy Act of 2018 (CCPA). The AG’s office provided a redline to the initial draft regulations, which we have previously discussed.
Read more
The View from DC: Expansion of COPPA?
February 7, 2020 | Blog | By Christian Tamotsu Fjeld, Christopher Harvie, Cynthia Larose
Representative Kathy Castor (D-FL) has introduced the Protecting the Information of Our Vulnerable Children and Youth Act (PRIVCY ACT), which is a significant rewrite of the Children’s Online Privacy Protection Act (COPPA). In so doing, the bill expands the scope of COPPA’s protections and creates new enforcement mechanisms. The children advocacy groups, Common Sense Media and the Campaign for a Commercial-Free Childhood, have come out in public support of the bill, as has the privacy advocacy group, the Center for Digital Democracy.
Read more
The First Wave of CCPA Allegations Makes Its Way Into a New Data Breach Class Action Against Salesforce and Hanna Andersson
February 6, 2020 | Blog
The companies Salesforce.com, Inc. and Hanna Andersson, LLC are on the receiving end of a novel lawsuit, which appears to be the very first data breach class action ever filed with alleged violations of the California Consumer Privacy Act (“CCPA”). The case is styled as Barnes v. Hanna Andersson, LLC , N.D. Cal., Case No. 20-cv-00812.
Read more
UPDATED: It’s Déjà vu All Over Again: Washington Privacy Act Fails to Pass
February 4, 2020 | Blog | By Christopher Buontempo, Cynthia Larose
Aristotle first suggested that “nature abhors a vacuum,” meaning that where there is a void, the universe seeks to fill it. Although there has been some movement in Congress towards comprehensive federal privacy legislation states like California have taken up the gauntlet to fill the vacuum. We now have the California Consumer Privacy Act (CCPA) in force and expect to see other states take up similar laws this year.
Read more
Viewpoint Editors
Cynthia J. Larose
Member / Chair, Privacy & Cybersecurity Practice
John B. Koss
Managing Director, E-Data Consulting Group
Dianne J. Bourque
Member
Christopher J. Harvie
Member
Kevin M. McGinty
Member / Co-chair, Class Action Practice
Explore Other Viewpoints:
- Antitrust
- Appellate
- Arbitration, Mediation & Alternate Dispute Resolution
- Artificial Intelligence
- Awards
- Bankruptcy & Restructuring
- California Land Use
- Class Action
- Complex Commercial Litigation
- Construction
- Consumer Product Safety
- Cross-Border Asset Recovery
- Debt Financing
- Direct Investing (M&A)
- Diversity
- EB-5 Financing
- Education & Nonprofits
- Employment
- Energy & Sustainability
- Environmental Enforcement Defense
- Environmental Law
- FDA Regulatory
- Federal Circuit Appeals
- Financial Institution Litigation
- Government Law
- Growth Equity
- Health Care
- Health Care Compliance, Fraud and Abuse, & Regulatory Counseling
- Health Care Enforcement & Investigations
- Health Care Transactions
- Health Information Privacy & Security
- IP Due Diligence
- IPRs & Other Post Grant Proceedings
- Immigration
- Insolvency & Creditor Rights Litigation
- Institutional Investor Class Action Recovery
- Insurance & Financial Services
- Insurance Consulting & Risk Management
- Insurance and Reinsurance Problem-Solving & Dispute Resolution
- Intellectual Property
- Investment Funds
- Israel
- Licensing & Technology Transactions
- Life Sciences
- Litigation & Investigations
- M&A Litigation
- ML Strategies
- Medicare, Medicaid and Commercial Coverage & Reimbursement
- Mergers & Acquisitions
- Patent Litigation
- Patent Prosecution & Strategic Counseling
- Pharmacy Benefits and PBM Contracting
- Portfolio Companies
- Privacy & Cybersecurity
- Private Client
- Private Equity
- Pro Bono
- Products Liability & Complex Tort
- Projects & Infrastructure
- Public Finance
- Real Estate Litigation
- Real Estate Transactions
- Real Estate, Construction & Infrastructure
- Retail & Consumer Products
- Securities & Capital Markets
- Securities Litigation
- Special Purpose Acquisition Company (SPACs)
- Sports & Entertainment
- Strategic IP Monetization & Licensing
- Tax
- Technology
- Technology, Communications & Media
- Technology, Communications & Media Litigation
- Trade Secrets
- Trademark & Copyright
- Trademark Litigation
- Venture Capital & Emerging Companies
- White Collar Defense & Government Investigations
- Women's Health and Technology