Publication

Privacy & Cybersecurity Newsletter

August 2019

Locke Lord's Privacy & Cybersecurity Newsletter provides topical snapshots of recent developments in the fast-changing world of privacy, data protection, and cyber risk management. For further information on any of the subjects covered in the newsletter, please contact one of the members of our privacy and cybersecurity team.

To read the Locke Lord Privacy & Cybersecurity Newsletter, click here.

In This Issue

GDPR Enforcement - The Experience So Far
In 2018, GDPR compliance was a main focus for many organisations around the world. read more

GDPR - Extra-Territoriality Revisited
Although seemingly simple on its face, the test for determining whether an organization is subject to the European Union’s stringent data protection laws, the GDPR, continues to confound. read more

No Sale! Nevada Consumers May Opt Out of Personal Data Sales
With the recent passage of SB 220, Nevada has become the latest state to regulate consumer privacy online by allowing individuals to opt-out of certain sales of their information. read more

Biometrics: Illinois Supreme Court Allows No-Injury Biometric Information Privacy Act Claims in Complete Victory for Plaintiffs’ Bar
On January 25, 2019, the Illinois Supreme Court held that plaintiffs can assert claims and recover statutory damages under Illinois’s Biometric Information Privacy Act (BIPA) based on a bare violation of the statute without any showing of consequential harm. read more

Cybersecurity Update: NYDFS, NAIC, and What’s Going on in SC, OH, MI, and MS?
On March 1, 2017 the cybersecurity regulation of the New York Department of Financial Services (the DFS Regulation) took effect, requiring subject financial institutions (Covered Entities), including insurance companies, to, among other things, adopt written information security programs to address the protection of nonpublic information and information systems. read more

Data Privacy and Security for the HR Suite
On two fronts, the Human Resources department has an increasingly important role in the privacy and security of an organization’s data. read more

Privacy Law Update: Texas To Study Entering The Fray
The 2019 Texas legislative session recently passed a new bill on the consumer privacy front that strengthens the breach notification obligations under the Texas Identity Theft Enforcement and Protection Act (TITEPA, located in Section 521.053 of the Texas Business and Commerce Code) and creates the Texas Privacy Protection Advisory Council (TPPAC). read more 

CCPA Guide: Are You Covered by the CCPA?
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers and are (or are jointly with others) responsible for determining the purposes and means of the processing of such information. read more

CCPA Guide: We Are Covered, So Now What Do We Do? Create a Project Plan!
Effective January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of residents of California and are responsible for (or jointly with others) determining the purposes and means of the processing of such information. read more

CCPA Guide: Does Personal Information Include Employee and Employee Benefit Plan Data?
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers. read more

Verifying the Verifiable - Considering a “Verifiable Consumer Request” Under the CCPA
You can’t hear it often enough: the California Consumer Privacy Act of 2018 (CCPA) – Cal. Civ. Code § 1798.100 et seq. – comes into effect on January 1, 2020 with enforcement by the Attorney General beginning on July 1, 2020 (6 months after the effective date). read more