New Hampshire, the Granite State, Joins Privacy Law Deluge: Sets Its Law in Stone
Sheppard Mullin's Eye On Privacy
by Liisa Thomas and Kathryn Smith*
1d ago
New Hampshire’s governor has signed into law the second state comprehensive privacy law of 2024. The law takes effect on January 1, 2025 – the same day as Iowa and Delaware (with New Jersey going into effect two weeks later). The law closely resembles other state privacy laws. Like most other state privacy laws, New Hampshire does not define “consumer” to include those in an employment context. The New Hampshire Attorney General’s office has enforcement powers and like other states, there is no private right of action. The law also does not include provisions for additional rulemaking, mi ..read more
Visit website
FTC Seeks Comments on AI Impersonation Rules
Sheppard Mullin's Eye On Privacy
by Liisa Thomas
1w ago
Earlier this month, accompanying an update to a rule prohibiting the impersonation of businesses and governments, the FTC sought comments on extending the rule to prohibit impersonation of individuals. The agency indicated that it is considering expanding the rule as the result of rising complaints around “impersonation fraud,” especially those generated by AI. Comments are due by April 30, 2024. As proposed, the rule would prohibit “materially and falsely” posing as another individual both expressly or by implication. Similarly prohibited would be false endorsements. Importantly for businesse ..read more
Visit website
Sheppard Mullin Creates Privacy Law Resource Center
Sheppard Mullin's Eye On Privacy
by Liisa Thomas
1w ago
Sheppard Mullin is pleased to announce the creation of its new Privacy Law Resource Center to help companies navigate the increasing complexity of privacy and data security laws. We know that companies are struggling to keep track of and address the myriad global obligations that may affect them. These tools are aimed to help. The requirements facing companies go well beyond general privacy laws like those being passed by US states, or which exist around the globe (GDPR, for example). There are privacy and security laws at an entity level (health care, financial services), activity level (text ..read more
Visit website
The Landscape of GIPA Litigation in Illinois
Sheppard Mullin's Eye On Privacy
by David Poell
1w ago
Class action litigation has exploded in cases involving violations of Illinois’ Biometric Information Privacy Act (“BIPA”). Less known and litigated is Illinois’s Genetic Information Privacy Act (“GIPA”) – enacted in 1998. But recent trends may portend an increase in GIPA filings on the horizon. The Illinois legislature enacted GIPA to enhance privacy protections prohibiting the unauthorized disclosure and use of Illinois residents’ genetic information. Specifically, GIPA prohibits disclosure of the identity of any person subjected to a genetic test (or the genetic results) without the in ..read more
Visit website
EDPB Provides Guidance on Determining Primary Supervisory Authority
Sheppard Mullin's Eye On Privacy
by Liisa Thomas
1M ago
This month the EDPB shed light on the question of lead supervisory authorities. The issue arose in response to a question late last month from the French supervisory authority. Some background. As most international organizations are aware, GDPR provides for a “lead” supervisory authority where companies have their “main establishment” in that location. In the event, for example, if an investigation into a company’s violation of a particular provision of GDPR, the lead supervisory authority would be the sole authority to pursue the problem. This question can also come up when companies are try ..read more
Visit website
UK ICO Uses AI In Cookie Banner Review
Sheppard Mullin's Eye On Privacy
by Liisa Thomas
1M ago
The UK Information Commissioner’s Office recently reported that it is continuing its review of website cookie banners. It had expressed concern late last year that these banners were not giving “fair choices” because they did not make it as easy for users to reject all advertising cookies as it was for users to accept all. The ICO reached out to 53 companies and has now indicated that it will be reaching out to more companies: 100 at a time. To conduct its review, it will run a hackathon this year to develop an AI tool to comb the web for “noncompliant” banners. What does the ICO consider ..read more
Visit website
California AG Turns on CCPA Investigation of Streaming Services
Sheppard Mullin's Eye On Privacy
by Alyssa Sones
1M ago
To close out Data Privacy Week, California Attorney General Rob Bonta announced a new investigative sweep probing streaming apps’ and devices’ compliance with the California Consumer Privacy Act (CCPA). The announcement highlights three key areas of focus for the AG in this investigation: Consumers should be able to go into device settings on a SmartTV to find and enable the “Do Not Sell My Personal Information” setting. Opt-out choices should be honored across devices if the consumer is logged into their account when they opt out. A streaming service’s privacy policy covering CCPA rights sho ..read more
Visit website
The Garden State Cultivates a Consumer Privacy Law – The First for 2024
Sheppard Mullin's Eye On Privacy
by Liisa Thomas and Kathryn Smith*
2M ago
New Jersey’s governor has signed into law the first US state comprehensive privacy law of 2024. It will go into effect January 16, 2025. For those keeping score, that puts New Jersey after Florida, Oregon, Texas (all July 1, 2024), Montana (October 1, 2024), Delaware, and Iowa (both January 1, 2025). But, before Indiana (January 1, 2026). (Visit this post for a more detailed recap). The requirements of the New Jersey law will feel quite familiar for those who familiar with the other US state privacy laws.Key provisions include: Applicability. Like all states except California, New Jersey ..read more
Visit website
Privacy Day 2024: A Look Back at Developments from 2024
Sheppard Mullin's Eye On Privacy
by Liisa Thomas
2M ago
From the expansion of “general privacy” laws in US states and concerns over cross-border data transfers, to global focus on artificial intelligence, surveillance and dark patterns, 2023 was a busy year. Our privacy team tracked these developments and more during 2023, and we have put together this complete resource that includes our summaries of all of the privacy law developments from 2023. Following this year’s privacy day (falling on Sunday), many will be reminding their organizations about the importance of privacy and cybersecurity in 2024 and beyond. We hope that this resource is a usefu ..read more
Visit website
Defense Department Outlines Its Future Cybersecurity Program
Sheppard Mullin's Eye On Privacy
by Townsend Bourne, Nikole Snyder and Jordan Mallory
2M ago
The Department of Defense published a much-anticipated Proposed Rule at the end of last year for its Cybersecurity Maturity Model Certification program. The proposed rule is our first comprehensive look at the latest iteration of the CMMC program (referred to as CMMC 2.0), which will become effective once final changes are made to DoD regulations for contractors. The program attempts to streamline the various DoD cybersecurity requirements and provide greater flexibility in the certification process. As many are aware, the CMMC program is the DoD’s method to ensure that defense contractors and ..read more
Visit website

Follow Sheppard Mullin's Eye On Privacy on FeedSpot

Continue with Google
Continue with Apple
OR