California’s governor has signed an amendment to CCPA, the state’s well-known privacy law. While California was the first to pass a “comprehensive” privacy law, it is the second -with this new amendment- to include “neural data” to the definition of sensitive personal information. It follows Colorado, which added this information to its law earlier this
Eye On Privacy
Timely Updates and Analysis on Privacy and Cybersecurity Issues
Blog Authors
Latest from Eye On Privacy
Promising Decision in Wiretapping Case, Win for Businesses
Those tracking CIPA litigation are familiar with the recent decision holding in favor of a company whose site had an online chat operated by a vendor. The court in that case held (1) that the company had not violated the California Invasion of Privacy Act (CIPA), and (2) that its chat was not unauthorized “wiretapping.”…
California: Age-Appropriate Design Code Act Partially Blocked, New Social Media Law Signed
California has been active in the kids space. First, the Ninth Circuit’s recently ruled on the California’s Age-Appropriate Design Code Act. Second, the governor has just signed a new law aimed at social media sites.…
Malaysia In Process of Updating Its Privacy Law
Malaysia is in the process of updating its Personal Data Protection Act to align more closely with laws in other jurisdictions. The law was originally passed in 2010 and then modified this year. As part of the modification process, the country’s Personal Data Protection Department (PDPD) sought input at the end of the summer on…
October 1st Reminder – Big Sky Privacy Law Goes into Effect
2024 seems like it is flying by. For those keeping track of US state “comprehensive” privacy laws you know that October 1 – a week away – brings the effective date of the Montana privacy law. The “big sky” state will join Texas, Oregon and Florida as the fourth effective privacy law of 2024.…
Brazil’s Data Protection Authority Issues Rules Clarifying Data Transfers
Wondering what the requirements are for transferring personal information out of Brazil? Under the country’s Data Protection Law, extra-territorial transfers of personal information are regulated in much the same way as in EU Member States. Parties can transfer personal information from Brazil to a third country only in limited circumstances. This includes, among other…
New Data Breach Notification Obligations for PA – and a New Reporting Portal
Pennsylvania AG Michelle Henry announced yesterday the launch of an online portal for businesses to report data breaches to the AG’s office. The portal launch comes before Pennsylvania’s new breach amendments take effect on September 26, 2024. One of the amendments will require businesses to report to the AG Office any breach that impacts more…
Camera Company Will Pay $2.95 Million to Settle Security Claims
Verkada, a manufacturer and retailer of security cameras, has settled FTC accusations of lax security measures. The company sells its products to businesses, including schools and medical facilities. It markets its products as “plug and play:” the cameras connect to the cloud and allow customers’ remote access into both live and archived video footage. Among…
Regulators On Both Sides of the Pond Seek Input on Children’s Privacy
The New York Attorney General’s office and the UK Information Commissioner’s Office were busy last month when it came to children’s privacy. Both sought input from the public about regulating children’s online privacy, including on social media.…
New Hampshire AG Announces New Data Privacy Unit
The privacy space continues to evolve with the announcement of the new Data Privacy Unit within New Hampshire’s Consumer Protection and Antitrust Bureau. This new unit will enforce New Hampshire’s Data Privacy Act, which takes effect January 1, 2025. Enforcement includes seeking civil penalties against businesses that fail to comply with consumer rights requests.…