Blog

There is no doubt that this is an important election year. While the presidential election will receive the majority of the attention, Proposition 24, a California ballot initiative regarding the California Privacy Rights Act (CPRA) will be another important vote to watch.

View the full webinar recording here.

In Part I, we explained the basics of the California Consumer Privacy Act (“CCPA” or “the Act”).
For those businesses which are subject to the Act, the first step towards compliance is
confronting the reason the legislation was passed in the first place: disclosure! In order for a
business to avoid legal trouble with their California clients, or the Office of the Attorney General
(“OAG”), it needs to implement a privacy policy that gives consumers effective notice about the
information that is being collected.

In general, the Illinois Biometric Information Privacy Act (“BIPA”) seeks to regulate “the collection, use, safeguarding, handling, storage, retention, and destruction of biometric identifiers and information.” Under BIPA, biometric identifiers include “a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry.”

I recently posted a link on LinkedIn to a New York Times article, with the observation that maybe one day soon, a stranger wearing augmented-reality glasses will know who you are, where you live and work and much more.

“Even a good expert can do a bad job.” These are the words of US District Judge William Alsup of the Northern District of California from his November 26, 2019 decision in the matter of Adkins v. Facebook, Inc., 18-05982-WHA.

The two risks that most insurers are least interested in underwriting are nuclear accidents and war. While nuclear accidents have been blessedly infrequent (sorry, Karen Silkwood), the scope and import of war exclusions have a long and curious history, ranging from marine losses to raiders during the American Civil War to airline hijackings by the PLO during the 1970s.

In our September 12, 2018 cybersecurity newsletter, we wrote about the warning sounded by the United States Government Accountability Office (GAO) in a report in which it found that urgent action was required to address the cybersecurity challenges facing the nation and the nation’s critical infrastructure

New York Broadens Breach Notification Statute and Adds Requirement that Businesses Implement Safeguards to Protect Private information

Last week, the U.S. Securities and Exchange Commission announced a consent cease and desist order and sanctions against Mizuho Securities USA LLC for its failure to enforce policies and procedures designed to protect against the disclosure of material non-public information between “execution and sales traders” to other traders and externally to customers.