This is the seventh installment in Hogan Lovells’ series on the California Consumer Privacy Act.
The application of the California Consumer Protection Act of 2018 (“CCPA”) to employee data has been the subject of much debate since the first version of the bill was introduced on June 21, 2018 (just days prior to its enactment on June 28). Under a … Continue Reading
Late last month, California Governor Jerry Brown signed the first US Internet of Things (IoT) cybersecurity legislation: Senate Bill 327 and Assembly Bill 1906. Starting on January 1, 2020, manufacturers of regulated connected devices are required to equip such devices with “reasonable security features” designed to protect a connected device and any information it holds from “unauthorized access, destruction, … Continue Reading
Thank you to everyone who participated in last week’s webinar “California Consumer Privacy Act: What you need to know now.”
In this complimentary webinar, Hogan Lovells partners Mark Brennan, Bret Cohen, Harriet Pearson, and Tim Tobin, discussed:
• What triggered the new law?
• What data is covered?
• What does CCPA require, and how do you start operationalizing the … Continue Reading
On June 28, 2018, California’s governor signed Assembly Bill 375, a ground-breaking new data privacy law that some are calling the United States’ answer to the European Union’s General Data Protection Regulation (GDPR). Particularly in light of California’s status as the world’s 5th largest economy, many are wondering how the new California Consumer Privacy Act (CCPA) will affect them.
Please … Continue Reading
California continues to be a first mover in privacy in the United States, enacting the US’s toughest and most comprehensive privacy legislation on Thursday, June 28, 2018. Unlike existing state and federal privacy legislation that has generally focused on specific sectors or privacy issues, the California Consumer Privacy Act of 2018 (AB 375), applies broadly to businesses that … Continue Reading
The U.S. Environmental Protection Agency was created in 1970 to safeguard the environment against pollutants. The tidal wave of environmental regulations that followed impacted every industry in the United States, especially the automotive market. Decades later, organizations have internalized these regulations into their culture.
Today, the European Union’s General Data Protection Regulation (GDPR) is driving a regulatory wave of similar … Continue Reading
In the same week that the automotive industry gathers in Washington, D.C. for the 2018 Washington Auto Show, a cross-section of automotive stakeholders, government officials, and consumer and privacy advocates came together at Hogan Lovells’ Washington office to discuss privacy issues facing connected vehicles. The half-day conference, co-hosted by Hogan Lovells and the Future of Privacy Forum, convened on January … Continue Reading
The Federal Trade Commission (FTC) and National Highway Traffic Safety Administration (NHTSA) are co-hosting a workshop on June 28, 2017, to explore the privacy and security issues raised by automated and connected vehicle technologies. The agencies are looking to explore the types of data such technologies collect, store, transmit, and share; the potential benefits and challenges posed by the technologies; … Continue Reading
On January 12, 2017, prior to the new administration taking power, the National Telecommunications and Information Administration (NTIA) within the Department of Commerce (Department) released a Green Paper on “Fostering the Advancement of the Internet of Things,” which assesses the technological and policy landscape of the Internet of Things (IoT). The Green Paper is expansive in scope, reflecting the broad … Continue Reading
Connected vehicles today are rolling computers able to exchange information wirelessly with manufacturers, other vehicles, and third party service providers to significantly improve safety, efficiency, and comfort for drivers. Many entities are interested in the data these connected vehicles generate and transmit. These entities include dealers and repair shops, vehicle fleet service providers, end-users, infrastructure operators, diagnostics providers, researchers, financial … Continue Reading
In June 2015, the Federal Trade Commission (FTC) held a workshop on The “Sharing” Economy: Issues Facing Platforms, Participants, and Regulators. The Commission also solicited public comments on the topic, receiving more than 2,000 comments in response. On 17 November, the Commission issued a report summarizing the issues explored in the workshop and the public comments. The report emphasized … Continue Reading
On 29 August the FTC announced a request for public comment on the Standards for Safeguarding Consumer Information Rule (the Safeguards Rule). The FTC promulgated the Safeguards Rule in 2002, implementing Title V of the Gramm-Leach-Bliley Act (GLBA), which required federal agencies to establish standards for the administrative, technical, and physical safeguards employed by financial institutions for certain information. In … Continue Reading
With attention to connected car cybersecuity issues increasing globally, the European Union Agency for Network and Information Security (ENISA) is leading the EU’s first bloc-wide initiative to identify cybersecurity rules of the road for connected cars. On July 13, ENISA announced a study aimed at creating a comprehensive list of cybersecurity policies, tools, standards, and measures to enhance security in … Continue Reading
A three-judge panel of the U.S. Court of Appeals for the Second Circuit today unanimously reversed a lower court’s denial of Microsoft’s motion to quash a warrant seeking the content of emails for a customer of its Outlook.com email service. The decision is surprising in that that U.S. courts, including the Second Circuit, have traditionally enforced government process seeking documents … Continue Reading
On April 5, 2016, the National Telecommunications and Information Administration (NTIA) initiated an inquiry to review the potential benefits and challenges presented by the Internet of Things (IoT). In its Notice and request for public comment (RFC), NTIA is seeking input on the current IoT technological and policy landscape with a goal of developing recommendations—in the form of a Green … Continue Reading
On March 2, 2016, the Consumer Financial Protection Bureau (CFPB) announced its first data security enforcement action in the form of a Consent Order with online payment platform Dwolla, Inc. The five-year Consent Order is based on CFPB allegations that Dwolla engaged in deceptive acts and practices by misrepresenting to consumers that it had “reasonable and appropriate data security practices.” … Continue Reading
Earlier this month, the Federal Deposit Insurance Corporation’s (FDIC) Division of Risk Management Supervision released “A Framework for Cybersecurity” in its Winter 2015 issue of Supervisory Insights. The FDIC article outlines the current and evolving cyber threat landscape and identifies the challenges presented by these threats as “critical” to financial institutions. The article describes regulatory steps the FDIC … Continue Reading
On November 9, 2015, Anthony Albanese, Acting Superintendent of the New York State Department of Financial Services (NYDFS), issued a letter to a wide array of federal and state financial services regulators that are part of the Financial and Banking Information Infrastructure Committee (FBIIC). The FBIIC members work together to enhance the reliability and security of financial sector infrastructure. … Continue Reading
On November 6, 2015, the European Commission issued its widely anticipated Communication to the European Parliament and Council about the effect of the Court of Justice of the European Union’s (CJEU) Schrems decision, which invalidated the U.S.-EU Safe Harbor framework. The Commission expresses a commitment to negotiate with the U.S. Government a new framework for cross-border transfers of personal data. … Continue Reading