Many relief programs have been implemented over the past year in response to COVID-19, and keeping up with the changing requirements for these programs can be daunting. A new twist in the requirements is the mandate for implementation of privacy requirements under the Emergency Rental Assistance Program. Here are some details about the Emergency Rental
Erin Jane Illman
Erin Illman is a dynamic problem solver with a strong understanding of U.S. and international private-sector privacy laws and regulations and the legal requirements for the transfer of sensitive personal data to/from the United States, the European Union and other jurisdictions. She regularly advises clients on CCPA, GLBA, HIPAA, COPPA, CAN-SPAM, FCRA, security breach notification laws, and other U.S. state and federal privacy and data security requirements, and global data protection laws. In addition to providing proactive privacy and information security compliance and legal advice, Erin manages privacy-related enforcement actions and litigation. Her practice includes representing companies in reactive incident response situations, including insider cybersecurity threats, electronic and physical theft of trade secrets, and investigation, analysis, and notification efforts with respect to security incidents and breaches.
Privacy Moves to the East Coast: Virginia Set to Enact Comprehensive Consumer Data Protection Law
Virginia is primed to become the next U.S. state to pass comprehensive data-privacy legislation with striking similarities to the California Consumers Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and the E.U.’s General Data Protection Regulation (GDPR).
The legislation, known as the Consumer Data Protection Act, passed the Virginia House of Delegates on January…
Why It Matters Whether Hashed Passwords Are Personal Information Under U.S. Law
On January 22, 2021, Bleeping Computer reported about yet another data dump by the hacker group Shiny Hunters, this time for a clothing retailer. Shiny Hunters is known for exfiltrating large databases of customer information, often through misconfigured or otherwise compromised database. These databases typically contain credential information for customers, as was the case…
A Year Later: CCPA Compliance Reminder to Review Your Privacy Policy
Has it been a year already? Many businesses diligently made sure they did their best to hit the moving CCPA target as they welcomed 2020 and the effective date of the statute last year. A year ago, all we had were draft regulations and a statute, and businesses had to do their best to comply. …
Massachusetts Voters Approve Measure for Expanded Access to Vehicle Data
In a roller coaster of an election week, it was easy for smaller ballot measures to become overshadowed. One ballot measure that you may have missed is Massachusetts’s Ballot Question 1 regarding the “right to repair” motor vehicles. The ballot measure expands access to a driver’s motor vehicle data. Vehicles are increasingly becoming more computerized…
2020 Brings Times of Change: Key Privacy Law Updates This Year
The privacy law landscape is constantly changing, and it can feel like a daunting task for businesses to keep up with the laws of 50 states in the U.S. plus any international laws that also may be applicable. 2020 seems to be a banner year for change on many fronts. COVID-19 and the 2020 elections…
Privacy at the Polls: Portland, Maine Votes to Ban Facial Recognition Technology
While the nation waits for the results of the presidential race to be tallied, across the country local and statewide referendums on privacy issues have been decided. In Portland, Maine voters approved a ballot measure to ban the use of facial recognition technology by local police and city agencies. Portland joins other cities such as…
Introducing… the Global Privacy Control
One of the most reoccurring questions we’ve gotten from companies subject to CCPA that have a “Do Not Sell” link has been “What the heck do we do about this global privacy control?” Up until now, there wasn’t a clear, or even semi-helpful, answer to that question that didn’t involve a fair amount of guesswork.…
Threats, Harassment, and Contact Tracing: Why Privacy Programs are Expanding to Protect Health Care Workers
Back in March we wrote about Address Confidentiality Programs (ACPs) as the “high stakes compliance risk you probably haven’t heard of.” These state-sponsored programs were traditionally designed to protect victims of crimes such as domestic abuse, sexual assault, stalking, or human trafficking from perpetrators who seek to find and harm their victims. Since that first…
A Letter from the Editors
As technology and business rapidly evolve, state and federal government agencies are continually introducing new data privacy regulations that businesses need to be aware of. To address this ever-changing landscape, we are pleased to introduce our new blog—Online & On Point—to provide commentary, updates, and insight on the developments that could have an…