Increasing oversight of tech companies, particularly in the realm of consumer privacy, has been a rare example of bipartisan agreement. Despite data privacy being a growing concern for consumers, however, there has been relatively little federal policymaking. To counteract this lack of action, some states have stepped in to fill this void—and have enacted policies that could have large impacts on how businesses operate. The rapid rate at which these laws are being enacted – eleven have been enacted– indicates states are taking an increasingly protective view of consumers’ data privacy. Businesses need to be prepared to comply with these new mandates, or risk costly enforcement measures.

In today’s world, cybersecurity breaches and threats are pervasive concerns for any business entity, without exception. Working from home arrangements due to COVID-19 constraints only magnify the risk and create further vulnerabilities for companies. Companies should be aware of (1) the key cyber threats they face, (2) the consequences of a breach, and (3) the statutory and regulatory framework governing cybersecurity. Cybersecurity breaches are unique in that an entity can both be the victim of the breach and still be found to have a degree of responsibility. Fortunately, there are precautionary measures that companies can implement to help prevent a breach and to mitigate the scope and damage of a breach if one were to occur. We will elaborate on the steps to take to guard against a breach and how to effectively respond to a breach in a forthcoming post.

With less than one month to go before the California Consumer Privacy Act of 2018’s (“CCPA”) effective date of January 1, 2020, businesses should be aware of the potential litigation that awaits them.

The CCPA is a California privacy law that gives California consumers the rights to know about and control the personal information that businesses collect about them.  In turn, the CCPA requires businesses to give consumers the ability to effectuate these rights.  For a more in-depth review of the CCPA, please view our previous posts on our Privacy Law Blog

The California Consumer Privacy Act of 2018 (“CCPA”) is a California privacy law that gives consumers, defined as natural persons residing in California, affirmative rights with respect to their data privacy.  Namely, the CCPA endows consumers with certain rights to access information about and control what a business does with their personal information.  (For an in-depth review of the CCPA and further explanation of these rights, please view our previous Privacy Blog post.)