Pole with sign saying "future".

Privacy Law Forecast for 2019

California Privacy Law, GDPR, Privacy Law , , , , , , , ,

Image Credit: ID 23689850 © Steve Ball | Dreamstime.com

This past year was quite a whirlwind for privacy and cybersecurity watchers. Just to sum up a few of the top events of last year:

  • Facebook’s Cambridge Analytica scandal rocked political headlines
  • Europe introduced the GDPR, the most comprehensive data protection legislation to date in the world
  • California enacted the California Consumer Privacy Act, becoming the first US state to create GDPR-style rules
  • Google came under fire for allowing app developers to read your email, and track your location (even with location tracking off!)
  • Marriott’s guest reservation system was hacked, exposing the personal information of up to 500 million guests, including passport numbers and payment numbers for some of those hacked

What will happen in 2019? Here are our top 5 predictions:

Continue Reading Privacy Law Forecast for 2019

Image of gears directing arrows to shield.

California Consumer Privacy Act vs GDPR – How to Maximize Your Privacy Compliance Program

California Privacy Law, GDPR, Privacy Law , , , , ,

California’s recent passage of the Consumer Privacy Act of 2018 now places the world’s fifth-largest economy under European style data protection rules. Given the new law, US businesses that were previously hesitant to implement GDPR are now reconsidering their position.

Luckily, the GDPR and the California Consumer Privacy Act (CCPA or CaCPA) share some similarities. Both provide for consumer-facing privacy notices, data access rights, and data portability. As businesses automate their GDPR compliance processes, they should also leverage those same processes under the CaCPA to save significant time and expense.

Below, we have listed five common operational steps that all businesses should take in their GDPR and CaCPA privacy compliance programs:
Continue Reading California Consumer Privacy Act vs GDPR – How to Maximize Your Privacy Compliance Program

Drones hovering over ocean view

Regulating the Skies – FAA Drone Rules for Hobbyists

Drones, Privacy Law , , , , ,

In 2012, Congress placed the Federal Aviation Administration (“FAA”) in charge of regulating small unmanned aircraft systems, also known as drones. In response, the FAA promulgated regulations in 2015 and 2016 targeting the drone industry. These regulations required operators to register their systems and meet minimum safety and certification requirements, but excluded operators of preexisting model aircraft.

So far, hobbyist drone operators have used the model aircraft exclusion to temporarily block drone registrations, relying on a D.C. Circuit court opinion by Judge Brett Kavanaugh in May of 2017. Trump signed a bill reinstating the registration requirement in December 2017, however. In addition, a recent court ruling out of the D.C. Circuit Court of Appeals, Taylor v. Federal Aviation Administration (Case No. 16-302), upheld the FAA’s ability to regulate hobby drone operators.Continue Reading Regulating the Skies – FAA Drone Rules for Hobbyists

Image of man preaching

EU Court Finds GDPR Applies to Religious Preaching

GDPR, Non-Profits, Privacy Law , , , , , ,

On July 10, 2018 the Court of Justice of the European Union (CJEU) published an opinion finding that the General Data Protection Regulation (“GDPR”) applied to the collection of personal data during “door-to-door” preaching by the Jehovah’s Witnesses religious community. This data included the name and addresses of individuals contacted, and in certain cases, the individuals’ religious beliefs and family circumstances. Members of the Jehovah’s Witnesses community used this data to coordinate preaching efforts across territories and to maintain lists of individuals who did not wish to be visited.

The judgment in this case (CJEU C-25/17) highlights the broad scope of the GDPR in several ways. First, it shows the limitation of the “personal or household” exception to the GDPR. Continue Reading EU Court Finds GDPR Applies to Religious Preaching

Lock placed on computer keyboard

California Consumer Privacy Act – The Top 5 Things You Need to Know

California Privacy Law, Privacy Law , , ,

On June 28, 2018 Governor Brown signed off on the strictest set of data privacy laws to date in the United States – the California Consumer Privacy Act of 2018 (full text here). Learn more about how it compares to the former ballot initiative here.

The Consumer Privacy Act will give Californians unprecedented rights to know what information businesses collect about them, where that information comes from, and control how that information is shared. It applies to all companies that “do business” in California and that exceed one of the following thresholds:

  • Annual gross revenues of more than 25 million dollars
  • Processes the personal information of 50,000 or more California residents, households or devices annually
  • Receives 50% or more annual revenue from selling the personal information of California residents

According to a recent study by the International Association of Privacy Professionals, this means that over 500,000 US companies will be affected by the Consumer Privacy Act – including small to medium sized businesses.

Given the far-reaching effects of the Consumer Privacy Act, here are the top 5 things businesses should know about this new law:

1. The “Right to Know”: California consumers will have the ability to make a request, once every 12 months, to receive the following information about them:Continue Reading California Consumer Privacy Act – The Top 5 Things You Need to Know

1 10 11 12 13 14