Utah Consumer Privacy Act Newest State Privacy Act Signed into Law
The newest state data privacy law, the Utah Consumer Privacy Act, was signed into law by Utah Governor Spencer J. Cox on March 24, 2022. This makes Utah the fifth state...
California Attorney General’s Opinion States that Consumers’ Right to Know Includes Inferences
We all know businesses collect our data. But did you know that businesses can draw inferences from those data to determine whether a consumer is married, or is a homeowner, or...
At Least 22 States Have Consumer Privacy Legislation Pending – Will 2022 Be the Year for More State Privacy Laws?
California is the gold standard for state privacy laws, having recently enacted the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). Virginia and Colorado also have enacted...
Data Minimization: What Is It and Why Practice It?
The European Union’s General Data Protection Regulation (GDPR) first launched the concept of data minimization, which states that a data controller should limit the collection of personal information to what is...
CAAG Announces Investigative Sweep of Loyalty Programs’ Compliance with CCPA
California Attorney General Rob Bonta is serious about compliance with the California Consumer Privacy Act (CCPA). So serious, that on January 28, 2022, also known as Data Privacy Day, he announced...
Recent CCPA Enforcement Actions Highlight the Importance of a CCPA-Compliant Privacy Policy
This is the time of year for thought pieces reflecting on the past year or so to speculate on the hot topics for next year. I began to wonder about California...
$2.35 Million Settlement in Dickey’s Barbecue Data Breach Class Action
This week, a proposed data breach class action against Dickey’s Barbecue Restaurants Inc. was settled for $2.35 million in the U.S. District Court for the Northern District of Texas with approval...
Blackbaud Must Face CCPA Claims in Multi-district Class Action from Data Breach
Blackbaud, which suffered a data breach of its customers’ data in a ransomware attack in 2020, in which it admitted paying the ransom in a double extortion attack [view related posts],...
Volkswagen and Audi Hit with Data Breach Class Action
This week, Volkswagen AG’s U.S. entity and its Audi brand were hit with a class action for a data breach that allegedly compromised 3.3 million consumers’ personal information. In the U.S....
Keep Biometric Information Laws on the Radar for Compliance
Ever since the enactment of the Illinois Biometric Information Privacy Act (BIPA), we have been watching the development of laws around the collection, use, disclosure and retention of biometric information. In...