Consumer Protection
Subscribe to Consumer Protection's Posts

Key Issues We’re Tracking as CCPA Enforcement Nears

Although 2020 has already provided more than its share of surprises for businesses, one thing appears to remain unchanged: the California attorney general’s commitment to enforcing the California Consumer Privacy Act beginning July 1, 2020. As companies work to ensure compliance with this legislation, we explore several key issues. No one will disagree that a lot has happened since the California Consumer Privacy Act (CCPA) went into effect on January 1, 2020. Despite the Coronavirus (COVID-19) pandemic, the invasion of murder hornets and a number of other not-entirely pleasant surprises that 2020 has brought us thus far, it appears that the California attorney general is still committed to enforcing the CCPA starting on July 1, 2020. As your business prepares for CCPA enforcement, there are a number of issues to keep in mind: 1. The CCPA regulations still have not been finalized and are unlikely to take effect until October 2020. The attorney general’s...

Continue Reading

Importance of CCPA Compliance Highlighted by First Round of Private Actions

The first wave of California Consumer Privacy Act litigation has begun to roll in, and the complaints are already raising interesting questions about the scope of CCPA’s private right of action. The actions assert a variety of claims under numerous theories and present a broad range of potential risks to businesses subject to CCPA. In light of the many questions that surround CCPA’s private right of action, the extent of possible liability from private litigation is still largely unknown and potentially significant. The first wave of private lawsuits filed under the California Consumer Privacy Act (CCPA) has begun to roll in, and the complaints are already raising interesting questions about the scope of CCPA’s private right of action. The recent explosion in popularity of video conferencing and social media software in response to the COVID-19 pandemic—and the technical issues some of these products have experienced—has inspired its own wave of litigation,...

Continue Reading

New California Privacy Ballot Initiative Would Expand the CCPA

A proposed ballot initiative in California known as the California Privacy Rights Act, which is likely to pass if placed on the 2020 ballot, would both clarify and expand the existing California Consumer Privacy Act. Companies doing business in the state should closely monitor these developments and prepare for compliance, as we outline in this article. A California ballot initiative known as the California Privacy Rights Act (CPRA) would clarify and expand the California Consumer Privacy Act (CCPA), granting significant new rights to consumers and imposing additional liability risks on companies doing business in the state. The CPRA is an update to the California Privacy Rights and Enforcement Act (CPREA) ballot initiative, which was proposed in late 2019 by the Californians for Consumer Privacy, which also sought to broadly amend and prevent changes to the CCPA that would undermine its consumer protections. The proposed ballot initiative, submitted by the...

Continue Reading

Public Backlash Calls Use of Facial Recognition Systems into Question

In recent weeks and months, legal and technical issues related to use of facial recognition systems in the United States have received national attention, including concerns that the technology lacks accuracy in identifying non-white individuals and that its widespread use by police departments may play a role in racially discriminatory policing. Privacy considerations will play a key role in the ongoing debate over the future of facial recognition technology. Facial recognition systems (FRS) are automated or semi-automated technologies that analyze an individual’s features by extracting facial patterns from video or still images. FRS use attributes or features of an individual’s face to create data that can be used for the unique personal identification of a specific individual. FRS use has grown exponentially in recent years. In addition to widespread adoption by law enforcement agencies, FRS are also frequently used in retail, banking and security sectors,...

Continue Reading

COVID-19 Causing a Surge in E-Commerce—Is Your Website Accessible?

Stay-at-home orders and business closures during the Coronavirus (COVID-19) pandemic have led to a sharp increase in online shopping. While e-commerce has helped businesses stay afloat during this challenging economic time, there has also been a spike in litigation alleging that certain websites are not accessible to individuals with disabilities. In an article for Bloomberg Law, Jeremy White, Matthew Cin and Brian Long review the legal landscape governing accessibility of websites – including specific rules that apply to the healthcare industry, and explore best practices for companies to mitigate their risk of facing a website accessibility lawsuit. Click here to read the full article.

Continue Reading

Washington State Takes the Lead in CCPA Copycat Legislation Race, Trends Emerge

Since the California Consumer Privacy Act (CCPA) took effect on January 1, 2020, “copycat” legislation has been introduced at a dizzying pace by state legislatures across the country. Taking their cues from CCPA, at last count 16 states have borrowed language from California’s watershed law regarding consumer notices, data subject rights requests, and definitions of “personal information, “sale” of data and other key items. The likely intent is to provide equal (or, in some cases, greater) protections to the residents of their states. As a practical matter, however, none of the proposed laws is identical to CCPA (nor to each other); some look to the EU General Data Protection Regulation (GDPR), and each takes a complex approach that requires careful reading. The proposed Washington Privacy Act (SB 6281) has been touted as the most comprehensive data protection law in the United States and combines elements of CCPA and GDPR, adding specific protections for...

Continue Reading

Privacy and Data Security: 2020 Considerations for the Insurance Industry

With the California Consumer Privacy Act of 2018 (CCPA) having taken effect on January 1, 2020, the privacy and data security landscape for insurance carriers, producers and insurtech (collectively, “insurers”) continues to grow more complex. A number of states have also recently passed laws regulating data security in the insurance industry, with the first transition period under a number of these laws set to end in 2020. Given the significant amount of sensitive personal information that insurers collect, process and retain, this trend of increased privacy and data security regulation within the insurance industry is likely to continue. To stay ahead of these new privacy and data security requirements, insurers need to take steps now to navigate the increasingly complex regulatory landscape. How Does the CCPA Impact Insurers? On January 1, 2020, California became the first state in the United States to enact comprehensive privacy legislation that governs...

Continue Reading

Available Now – 2019 Digital Health Year in Review

Throughout the past year, the healthcare and life science industries experienced a proliferation of digital health innovation that challenged traditional notions of healthcare delivery and payment, as well as product research, development and commercialization, for long-standing and new stakeholders alike. Lawmakers and regulators made meaningful progress towards modernizing the existing legal framework to both protect patients and consumers and encourage continued innovation, but these efforts still lag behind the pace of digital health innovation. As a result, some obstacles, misalignment and ambiguity remain, and 2020 will likely be another year of significant legal and regulatory change. Click here to read our review of key developments that shaped digital health in 2019 and set the groundwork for trends in 2020.  

Continue Reading

Comprehensive Federal Privacy Law Still Pending

The California Consumer Privacy Act (CCPA) has forced companies across the United States (and even globally) to seriously consider how they handle the personal information they collect from consumers. By its terms, however, the CCPA only protects the privacy interests of California residents; other “copy-cat” privacy laws proposed or enacted in other states similarly would only protect the rights of residents of each state. Given the burden on businesses imposed by the rapid proliferation of privacy and data protection laws, including data breach notification obligations, requirements for data transfer mechanisms imposed by international data protection laws (such as the EU General Data Protection Regulation (GDPR)), and the imposition of a variety of data subject rights, a comprehensive US federal privacy bill appears increasingly overdue. In the past year, US legislators have proposed a wide variety of data privacy laws—none of which seems to have gained...

Continue Reading

CCPA Has Just Gone Into Effect, But Businesses May Need to Prepare for a New California Privacy Law

The California Consumer Privacy Act (CCPA) is not yet one month old, but movement has already started on a new California privacy law. In November 2019, the advocacy group Californians for Consumer Privacy, led by Alastair Mactaggart, the architect of CCPA, submitted a proposed California ballot initiative to the Office of the California Attorney General that would build upon the consumer privacy protections and requirements established by CCPA. In December 2019, as required under state law, California Attorney General Xavier Becerra released a title for and summary of the proposed ballot initiative, which will be known as the California Privacy Rights Act (CPRA). Key Provisions of the CPRA CPRA seeks to give California consumers additional control over and protection of their personal information in five core ways. CPRA would require businesses to disclose when and how automated decision making is used for decisions that significantly affect a consumer’s...

Continue Reading

STAY CONNECTED

TOPICS

ARCHIVES