Posts tagged Cybersecurity.

On Friday, the Sacramento Superior Court issued a ruling delaying the enforcement of recently enacted California Privacy Rights Act regulations until March 2024. The CPRA, which amended the California Consumer Privacy Act, directs the California Privacy Protection Agency to promulgate regulations that further explain and detail the requirements of the CPRA. The agency was supposed to issue regulations by July 1, 2022, with an enforcement date of July 1, 2023. However, the agency did not issue those regulations until March 24, 2023.

This year has so far proven to be quite active in terms of state privacy legislation. In 2022, California, Virginia, Colorado, Utah, and Connecticut were the five states with consumer privacy laws on the books, all set to take effect in 2023. Then, earlier this year, Iowa, Indiana, and Tennessee enacted their own respective comprehensive privacy laws. Iowa’s and Tennessee’s laws will take effect in 2025, and Indiana’s law will take effect in 2026.

On Thursday, May 11, Gov. Bill Lee (R) signed into law the Tennessee Information Protection Act. The new TIPA follows the recent enactment of data privacy laws in Iowa and Indiana. The other states with data privacy laws are California, Colorado, Connecticut, Utah, and Virginia.

On the heels of the unanimous passage of Iowa’s Act Relating to Consumer Data Protection on March 28, Indiana’s Consumer Data Protection Act was passed by the state legislature on April 13 and has been signed into law by Gov. Eric Holcomb (R).

Plaintiffs are becoming increasingly creative in their attempts to seek relief involving alleged privacy violations resulting from their online activity. This includes raising allegations of violations of the Video Privacy Protection Act, a federal law enacted in 1988 largely in response to privacy concerns surrounding businesses’ use of individuals’ video tape rental histories. 

It’s only April, but 2023 has already been a big year for new and evolving data privacy legislation. In January, the California Privacy Rights Act took effect, expanding and clarifying the rights and obligations within the California Consumer Privacy Act. In addition, exceptions for business-to-business and employee and applicant data expired, ushering in new requirements and broadening the reach of the California laws. At the same time, the second major state data privacy law – the Virginia Consumer Data Protection Act – took full effect.

By now, you have probably heard about OpenAI’s ChatGPT, an artificially intelligent chatbot, and similar chatbots that have launched in its wake. (Chris Deubert and I have previously written about it here.)

Cybersecurity, lock and key, data protection

On March 2, the Biden Administration released a “National Cybersecurity Strategy,” which it says takes a comprehensive approach to securing cyberspace for all and ensuring the United States is in the best position to take advantage of all the benefits that our digital future holds. The Strategy consists of five “pillars”: Infrastructure, threat actors, the market, plans ...

The Nigerian prince seems almost quaint.

Gone are the days when the Nigerian prince was the only nefarious figure menacing our inboxes.  A simple yet elegant scheme – our supposed prince unexpectedly fell upon a large sum of money, left behind by a fallen war hero, bequeathed by a terminally-ill spouse, or, perhaps, borne from the fruits of new age oil exploration. The funds are (somehow) rightfully yours, but a bureaucratic quagmire has them tied up, and they cannot be released until you pay a *small* fee. Just send a few million dollars to a specified bank account, and the endless riches are yours.

Recent amendments to Pennsylvania’s data breach law -- the Breach of Personal Information Notification Act – will take effect May 3. The amendments were enacted in November.

Originally enacted in 2006, the Act provides for the security of computerized data and requires notification to Pennsylvania residents whose personal information data was, or may have been, disclosed due to a breach of the security of an entity’s system. 

The Constangy Cyber Advisor posts regular updates on legislative developments, data privacy, and information security trends. Our blog posts are informed through the Constangy Cyber Team's experience managing thousands of data breaches, providing robust compliance advisory services, and consultation on complex data privacy and security litigation. 

Subscribe

* indicates required
Back to Page