On September 26, 2018, the SEC brought its first ever enforcement action for violations of Regulation S-ID (the “Identity Theft Red Flags Rule”), 17 C.F.R. § 248.201, in addition to violations of Regulation S-P, 17 C.F.R. 30(a) (the “Safeguards … [Read more] about SEC Brings First Enforcement Action for Violation of the Identity Theft Red Flags Rule
On September 23, 2018, Governor Jerry Brown signed SB 1121, the amendment to the California Consumer Privacy Act (CCPA). SB 1121 attempts to clean up some drafting errors and ambiguities in the original legislation (AB 375), but it also effectively … [Read more] about Governor Jerry Brown Signs Amendment to the California Consumer Privacy Act
Ohio recently enacted the Ohio Data Protection Act (2018 SB 220), a law that offers a breach litigation safe harbor to businesses meeting specific cybersecurity standards. While the law does not prevent a plaintiff from filing a lawsuit following a … [Read more] about Ohio Enacts Cybersecurity Safe Harbor Law
India recently introduced the Personal Data Protection Bill 2018 (“Bill”). The transfer of personal data in India is currently governed by the SPD Rules (Sensitive Personal Data and Information, 2011), which is however considered outdated and not … [Read more] about India’s Draft Data Protection Bill: Another GDPR Around The Corner?
While it remains to be seen what the final text of the California Consumer Privacy Act (CCPA) looks like when it is ultimately implemented on January 1, 2020, at present it seems likely that businesses and employers can expect an influx of lawsuits … [Read more] about An Update on the California Consumer Privacy Act and Its Private Right of Action