On Monday, March 13, 2023, The Texas House Business & Industry committee held a hearing for the main data privacy bill for this legislative session by Representative Capriglione of Southlake, TX, a Dallas suburb. The 34-page bill filed earlier this year aims to comprehensively address how companies and consumers interact with personal data. Similar to California, European, and a handful

On October 7, 2022, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities.  The order aims to address concerns expressed by the Court of Justice of the European Union (CJEU) in the Schrems II case, in which it ruled the E.U.-U.S. Privacy Shield inadequate as a cross-border transfer mechanism. 

Yesterday, on August 24, 2022, California Attorney General Rob Bonta (“AG”) announced a settlement with Sephora, Inc., resolving allegations that the company violated the California Consumer Privacy Act (“CCPA”).  The order includes permanent injunctive relief as well as a $1.2 million fine. This action stems from a June 2021 enforcement sweep by the attorney general

The Department of Justice (“DOJ”), on behalf of the Federal Trade Commission (“FTC”), filed a complaint and motion for entry of a stipulated order with the Northern District of California, which would require Twitter to pay civil penalties and take other corrective actions for their violation of the FTC Act and a previous 2011 FTC

A new bill introduced by the Senate (S. 2666), the “Sanction and Stop Ransomware Act of 2021”, would require a strict 24-hour limit for reporting ransomware payments for businesses with more than 50 employees. The bipartisan bill, put forward by leaders of the Senate Homeland Security and Governmental Affairs Committee, also focuses on critical infrastructure,

Background

Yesterday, on September 22, 2021, the California Privacy Protection Agency (“CPPA”) — the new privacy regulatory agency created by the California Privacy Rights Act of 2020 (“CPRA” or “CCPA 2.0”) — issued an invitation for public comment on its proposed rulemaking.  Such comments “will assist the Agency in developing new regulations, determining whether

Background

On August 30, 2021, the Securities and Exchange Commission (SEC) sanctioned eight firms in three actions for cybersecurity failures in their policies and procedures that exposed the personal information of thousands of customers at each firm. These firms included: Cetera Advisor Networks LLC, Cetera Investment Services LLC, Cetera Financial Specialists LLC, Cetera Advisors LLC,

On March 17, 2021, Governor Gavin Newsome, Attorney General Xavier Becerra, Senate President pro tem Toni Atkins, and Assembly Speaker Anthony Rendon announced the members of the California Privacy Protection Agency (CPPA) the new administrative agency created by the California Privacy Rights Act (CPRA) charged with protecting consumer privacy rights overs personal information.

“Californians deserve

California Attorney General Issues Additional CCPA Regulations Advancing Consumer Protections

On March 15, 2021, the California Attorney General (“AG”) approved additional CCPA regulations to enhance consumer protections for opting out of the sale of information.  These regulations come after the third set of modifications was approved last October, and after the California Privacy Rights Act

Ascension Data & Analytics LLC, a data analytics company for the mortgage industry, has entered into a proposed settlement agreement with the Federal Trade Commission (FTC) following allegations that it violated the Gramm-Leach-Bliley Act’s (GLB) Safeguards Rule by failing to ensure that a third-party vendor was adequately securing data of mortgage holders. The FTC complaint