Browsing Category
Legislation
45 posts
Brazil Enshrines Right to Data Protection in Constitution
An important milestone where, Effective February 10, 2022, Brazilians have the constitutional right to the protection of their…
New York Proposes the Digital Fairness Act
If passed, entities that process the PI of 500 or more unique individuals must obtain explicit, informed opt-in…
Brazil ANPD Defines LGPD Investigation and Enforcement
Effective October 29, 2021, the ANPD is able to monitor, inspect and apply administrative sanctions for LGPD compliance in accordance with the…
Massachusetts Proposes Comprehensive Privacy Act
Titled the Massachusetts Information Privacy Act, Bill S.46 is currently under review by a joint committee on information technology;…
Oklahoma Proposes Comprehensive Privacy Act
If passed, entities that do business in Oklahoma must comply with consumers’ requests for access, correction and deletion…
Federal Law Protects K-12 Institutions From Cyber Events
The K-12 Cybersecurity Act, passed on October 8th, 2021, aims to protect sensitive information maintained by schools across the United…
California Governor Signs Genetic Information Privacy Act into Law
Effective immediately, companies must develop procedures and practices to enable consumers to exercise their rights (such as being…
Australia Regulates Spam Unsubscribe Requests
As of April 1, 2021 anyone who receives commercial electronic messages must be able to unsubscribe without providing personal information
Brazil Constitutional Data Protection Right Awaits Senate Approval
Brazilian Senate is considering whether to amend the Constitution to add data protection as a fundamental right
Illinois Enacts Household Privacy Protections
A new Privacy Act in Illinois has brought in greater regulations with regards to law enforcement obtaining household electronic data.
COVID-19: Brazilian Regulator’s Principles for Processing Geolocation Data
Sharing consumers' geolocation data by telecom operators does not violate the Federal Constitution or LGPD when done for certain reasons.
Privacy regulations are changing
www.forbes.com/sites/jiawertz/2021/08/04/privacy-regulations-are-changing-heres-how-e-commerce-businesses-can-work-with-customers/?sh=5641838b611f
Marketing Communications: NAI Imposes Opt-Out Requirements for Hashed Email Addresses
Member companies of the Network Advertising Initiative that leverage hashed email addresses as an addressability method for audience-matched…
Peru Enacts National Identity Document Account Law for Banking Sector
Effective from the date of publication, the national bank of Peru will oversee the operation of the national…
Massachusetts Bill Targets Employee and Student Social Media Privacy
If passed, employers and educational institutions would be prohibited from compelling access or connecting to the personal social media…
Minnesota Proposes Consent Obligations for Businesses
If passed, all businesses in Minnesota regardless of size may not collect, use or disclose a consumer’s personal…
Minnesota Proposes Consent Obligations for Businesses
If passed, all businesses in Minnesota regardless of size may not collect, use or disclose a consumer’s personal…
Wisconsin Enacts Insurance Data Security Law
Effective November 1, 2021, licensees must have comprehensive risk assessment and information security programs (threat management, employee monitoring,…
Federal Bill Aims to Improve Contractor Cybersecurity
If passed, executive government agencies may not enter into a contract for IT services unless the contractor maintains…
Brazil Urgently Seeks to Establish AI Regime
If passed, the law will establish principles, rights and duties for the use of AI in Brazil, ensuring…
Liability – Banking: American Bankers Association Urges Rejection of Draft Uniform State Privacy Act
In their comment letter on the draft Uniform Personal Data Protection Act, issued jointly with state bankers associations, the ABA expressed…
NIST Defines Critical Software
As required under Executive Order 14028, “critical software” has been defined as any software that has, or has…
Ohio Introduces Personal Privacy Act
If passed, individuals in Ohio State will have the ability to opt-out of the sale of their personal…
Connecticut Provides Defense Against Data Breach Claims
Effective October 1, 2021, covered entities in Connecticut shall not be liable for punitive damages for alleged failure…
Harm and Injury: Illinois Court Approves BIPA Settlement
An amusement park has agreed to a settlement of $36 million for mandating its customers to give biometric…
Federal Bill Makes Major Changes to Children’s Online Privacy Rules
If passed, online privacy protections would be extended beyond children under 13 years of age to teens or…
Reporting to Regulators: New Registration Portal for Peru Controllers
Legal and natural persons and public entities that administer personal data banks (such as the data bank of…
Re-Introduced Federal Bill Requires Online Platform Protections
If passed, platform operators must give users control over their use of their personal data by allowing them…
Connecticut Enacts New Breach Notification Obligations
Effective October 1, 2021, the deadline for breach notification to State residents would decrease from 90 to 60…
Federal Bill Introduced to Increase Transparency by Internet Platforms
If passed, platforms with 30 million or more active monthly US users must provide notice of any algorithms…
Texas Expands AG Breach Notification Requirements
Effective September 1, 2021, companies reporting breaches of system security to the State AG must include the number…
Unfair or Deceptive Acts: Movie Ticketing App Enters Into FTC Settlement
The company denied consumers access to services they paid for, stored consumer data in plain text, and failed…
Nevada Privacy Legislation updates
Nevada Governor Sisolak signed SB260 on June 2nd, a bill that will amend the state’s existing privacy notice legislation…
Federal Bill Aims to Strengthen US Encryption Laws
If passed, the ENCRYPT Act would pre-empt state decryption requirements and prohibit any state or political subdivision from…
Wisconsin Reintroduces Insurance Data Security Law
If passed, licensees must have comprehensive risk assessment and information security programs (threat management, employee monitoring, access controls,…
Minnesota Re-Proposes Insurance Data Security Law
If passed, licensees must maintain a comprehensive information security program (based on its size and complexity, activities and…
Florida Permits Telephonic Sales Calls With Written Consent
If passed, it will be unlawful for a telephone solicitor to initiate a telephonic sales call (by phone,…
Montana Proposes Online Privacy Policy Requirements
Legislation: Montana Proposes Online Privacy Policy Requirements If passed, operators of commercial websites or online services must…
Utah Provides Defense Against Data Breach Claims
Effective May 5, 2021, entities can defend claims alleging failure to establish security controls and notify affected individuals…
New Hampshire Bill Prohibits Sharing of Location Data
If passed, a mobile application developer or a telecommunications carrier will be prohibited from sharing a customer’s location…
Brazil Bill Seeks to Immediately Implement LGPD Sanctions
The delay in enforcement of the LGPD has rendered sanctions harmless and led to less protection for citizens…
Kentucky Bill Requires Website Operators to Obtain Consent
If passed, first and third party website operators shall not collect, use, sell, share, exchange, or store data…
Kentucky Bill Requires Website Operators to Obtain Consent
If passed, first and third party website operators shall not collect, use, sell, share, exchange, or store data…
New York Proposes BIPA-Like Protections
f passed, entities must provide publicly available retention schedules and guidelines for biometric identifiers and information based on…
