Privacy & Cyber Regulatory Enforcement

New Hampshire Passes Insurance Data Security Law

August 23, 2019 By Dorian Simmons

New Hampshire recently passed its Insurance Data Security Law based on the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The law will go into effect January 1, 2020. New Hampshire is one of several states, including Alabama, Connecticut, Delaware, Michigan, Mississippi, Ohio, and South Carolina, that has passed an insurance data […]

The CCPA Could Reset Data Breach Litigation Risks

August 21, 2019 By Privacy, Cyber & Data Strategy Team

While much has been written about the California Consumer Privacy Act (“CCPA”), the focus has primarily been on the new rights it affords California consumers to have access to and control use of their data and opt out of many transfers to third parties. While this is a sea change in data privacy legislation in […]

Potential Changes to the CCPA; California Senate Considers Amendments

July 17, 2019 By David Keating and Dorian Simmons

On April 30, we detailed several proposed amendments to the California Consumer Privacy Act (the “CCPA”) that were advancing in the State Assembly (see our previous blog post here). Since then, a number of the proposed amendments passed the Assembly and moved to the California Senate, where they remain under consideration. This past week the […]

EU Ethics Guidelines For AI Are Just The Beginning

June 26, 2019 By Privacy, Cyber & Data Strategy Team

As previously discussed on the Alston & Bird Privacy Blog, the European Commission High-Level Expert Group on Artificial Intelligence released on April 8, 2019 the final version of its Ethics Guidelines for Trustworthy AI. The Guidelines, although not legally binding, are important because they represent the first significant government-initiated effort to influence the use of […]

Oregon Extends Data Breach Notification Obligations to Third Parties

June 11, 2019 By Privacy, Cyber & Data Strategy Team

On May 24, 2019, Oregon Governor Kate Brown signed into law Senate Bill 684 (SB 684). SB 684 amends the Oregon Consumer Identity Theft Protection Act (“OCITPA”) by extending data breach notification obligations to vendors and by broadening the definition of “personal information” to include information used to access an online account. SB684 extends breach […]