Akin Gump Strauss Hauer & Feld LLP write: The California Consumer Privacy Act (CCPA), the nation’s broadest privacy protection statute, was enacted by the California Legislature in June 2018 as part of a last-minute deal to stop a proposed statewide ballot measure that could have ushered in an even stricter privacy law. We have written about…
Category: Breach Laws
MA: Deal Struck To Protect Consumers Hurt By Data Breaches
Katie Lannan reports: A compromise bill filed Tuesday by a House-Senate conference committee would afford Massachusetts residents a year and a half of free credit monitoring services if their personal data and Social Security number are compromised by a data security breach. The panel, chaired by Rep. Tackey Chan and Sen. Barbara L’Italien, filed its…
Why is Israel’s new proposed cybersecurity law raising hackles?
Shoshanna Solomon reports: Even as Israel’s privacy and democracy watchdogs welcome a cybersecurity law that would help the nation fend off damaging attacks to its businesses and critical infrastructure, they are warning that a newly proposed law, now up for comments, is not beneficial to democracy. The proposal gives “too wide an authority without enough…
Changes to Louisiana’s Data Breach Notification Law Go Into Effect August 1
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of Jackson Lewis write that changes to Louisiana’s data breach notification law (Act 382) go into effect on August 1 of this year. Those changes include expansion of the definition of personal information, requirements that notification be made no later than 60 days from discovery of…
Big Data Breaches Shine Spotlight on Laws Impacting Employee Data Protection
John Litchfield of Foley & Lardner reminds employers that there are new laws coming into effect that impact employers’ collection and protection of employee data. The following laws, he notes, come online this year: Alabama (effective June 1, 2018) Delaware (effective April 14, 2018) Oregon (effective June 2, 2018) South Dakota (effective July 1, 2018)…
WHEN do you have to notify by? State laws vary.
MintzLevin has updated its state data breach law matrix, as I noted previously on the page where I link to such resources. Here’s an excerpt from their matrix: Breach Notification Timeline Time After Discovery of Breach Action Required 10 Calendar Days Puerto Rico Department of Consumer Affairs 14 Business Days Vermont AG preliminary…