Privacy issues are inherent in almost all facets of a business — from operations, employment, and technology to customer service, contracts, legal and compliance — all with varying degrees of risk. Most companies mitigate risk by standardizing processes and procedures to handle certain common or low-risk situations. This is helpful in streamlining repetitive inquiries that
Privacy Policy
Pet Stairs, Wiretapping, and Cookies: Implications of the Third Circuit’s Popa Opinion
The case of Popa v. Harriet Carter Gifts, Inc. “began with a quest for pet stairs.” Plaintiff Ashley Popa searched Harriet Carter Gifts’ website, added pet stairs to her cart, but never completed the purchase. During her “quest,” Popa’s information was collected not only by Harriet Carter Gifts, but also by a third-party marketing company…
Connecticut Keeps the State Privacy Law Wave Rolling
Following a near unanimous vote in the Connecticut House, Connecticut is set to become the fifth state to pass comprehensive privacy legislation. With the addition of the Connecticut Data Privacy Act (CTDPA), Connecticut joins California, Virginia, Colorado, and Utah, in regulating businesses that possess, store, and/or sell consumers’ personal data. The CTDPA comes on the…
Another Data Privacy Law? Colorado Enacts the Colorado Privacy Act
Colorado became the third state to enact comprehensive data privacy legislation when Gov. Jared Polis signed the Colorado Privacy Act (CPA) on July 8, 2021. The CPA shares similarities with its stateside predecessors, the California Consumer Privacy Act (CCPA), the California Privacy Rights Enforcement Act (CPRA), and the Virginia Consumer Data Protection Act (VCDPA), as…
Biometric Privacy Law Expansions and Private Rights of Action
The days of only seeing biometric techniques in spy films are well behind us. A simple thumbprint can open a phone. Systems like Alexa can recognize your voice and play your favorite music. Some banks even allow customers to make payments by using voice command and fingerprint recognition.
In 2008, Illinois became the first state…
Privacy Requirements under COVID-19 Emergency Rental Assistance Program
Many relief programs have been implemented over the past year in response to COVID-19, and keeping up with the changing requirements for these programs can be daunting. A new twist in the requirements is the mandate for implementation of privacy requirements under the Emergency Rental Assistance Program. Here are some details about the Emergency Rental…
The Man Behind the Curtain: College Admissions and FERPA Requests
Aspiring college students spend enormous amounts of time trying to unlock the magic formula that leads to those magic words: Congratulations, you’ve been accepted! But, for many students, the focus on admissions does not stop once they matriculate.
Starting in 2015, schools such as Harvard, Yale, Penn, and Stanford saw a dramatic uptick in students…
A Year Later: CCPA Compliance Reminder to Review Your Privacy Policy
Has it been a year already? Many businesses diligently made sure they did their best to hit the moving CCPA target as they welcomed 2020 and the effective date of the statute last year. A year ago, all we had were draft regulations and a statute, and businesses had to do their best to comply. …
New “Basic Assessment” Is a Bridge to CMMC for Defense Contractors
The Department of Defense (DoD) continues to enhance cybersecurity requirements in its supply chain. A new rule requires some contractors to assign a numerical score to their current cybersecurity practices. Additionally, the rule begins rolling out requirements for all defense contractors to have their cybersecurity certified by a third party.
For years, the gold standard…
Privacy at the Polls: Portland, Maine Votes to Ban Facial Recognition Technology
While the nation waits for the results of the presidential race to be tallied, across the country local and statewide referendums on privacy issues have been decided. In Portland, Maine voters approved a ballot measure to ban the use of facial recognition technology by local police and city agencies. Portland joins other cities such as…
Introducing… the Global Privacy Control
One of the most reoccurring questions we’ve gotten from companies subject to CCPA that have a “Do Not Sell” link has been “What the heck do we do about this global privacy control?” Up until now, there wasn’t a clear, or even semi-helpful, answer to that question that didn’t involve a fair amount of guesswork.…