Keypoint: This week Florida’s two bills continued to progress, the Washington Privacy Act failed to pass out of the House at the deadline (but the bill sponsor says it is still alive), new bills were introduced in Pennsylvania and North Carolina, and Maryland’s bill died.

Below is our eighth weekly update on the status of proposed CCPA-like privacy legislation. Before we get to our update, we wanted to provide two reminders.

First, we have been regularly updating our 2021 State Privacy Law Tracker to keep pace with the latest developments. We encourage you to bookmark the page for easy reference.

Second, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated.


Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of April 19, 2021

UPDATE: The below post discusses whether the Washington Privacy Act is still alive notwithstanding that the House failed to pass the bill prior to the April 11 deadline. In a tweet, bill sponsor Reuven Carlyle stated: “The bill remains alive through the end of the Legislative Session.”

Keypoint: This week bills in Florida and Connecticut continued to progress, the Washington Privacy Act failed to get out of the House at the deadline, and bills in Oklahoma and West Virginia died.

Below is our seventh weekly update on the status of proposed CCPA-like privacy legislation. Before we get to our update, we wanted to provide two reminders.

First, we have been regularly updating our 2021 State Privacy Law Tracker to keep pace with the latest developments. We encourage you to bookmark the page for easy reference.

Second, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated.


Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of April 12, 2021

Keypoint: It was another busy week with developments in Washington, Florida, Oklahoma, Alaska, Nevada, and Rhode Island.

For the sixth week in a row, we are providing an update on the status of proposed CCPA-like privacy legislation. Before we get to our update, we wanted to provide three notes.

First, we are pleased to announce the results of our poll on whether to call Virginia’s new privacy law – the Virginia Consumer Data Protection Act – the CDPA or VCDPA. By an overwhelming 85-15% margin readers prefer VCDPA to CDPA.

Second, we have been regularly updating our 2021 State Privacy Law Tracker to keep pace with the latest developments. We encourage you to bookmark the page for easy reference.

Third, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated.


Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of April 5, 2021

Keypoint: There were a number of notable developments this week: the Washington Privacy Act passed out of a house committee after adding a private right of action, there was more movement on the Florida and Connecticut bills, and Nevada lawmakers introduced companion bills that would expand the state’s right to opt out of sales.

For the fifth week in a row, we are providing an update on the status of proposed CCPA-like privacy legislation. Before we get to our update, we wanted to provide three reminders.

First, there has been so much debate about what to call Virginia’s new privacy law – the Virginia Consumer Data Protection Act – that we started an online poll. Tell us whether you think the law should be called the CDPA or VCPDA. We will keep voting open until April 2 and release the results on our blog.

Second, we have been regularly updating our 2021 State Privacy Law Tracker to keep pace with the latest developments. We encourage you to bookmark the page for easy reference.

Third, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated.


Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of March 29, 2021

Keypoint: It was another busy week with bills introduced in Colorado, New York and West Virginia, a committee hearing in New Jersey on three bills, a public hearing in Washington on the Washington Privacy Act, the Oklahoma bill was referred to the Senate Judiciary committee, one Florida bill passed out of committee, and a hearing was set on the other Florida bill.

For the fourth week in a row, we are providing an update on the status of proposed CCPA-like privacy legislation. Before we get to our update, we wanted to provide three reminders.

First, there has been so much debate about what to call Virginia’s new privacy law – the Virginia Consumer Data Protection Act – that we started an online poll. Tell us whether you think the law should be called the CDPA or VCPDA. We will keep voting open until April 2 and release the results on our blog.

Second, we have been regularly updating our 2021 State Privacy Law Tracker to keep pace with the latest developments. We encourage you to bookmark the page for easy reference.

Third, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated.


Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of March 22, 2021

Keypoint: There were four notable developments this week: the Florida House passed a bill out of committee, lawmakers proposed a new bill in Texas, the Washington Privacy Act was  scheduled for a public hearing and committee session on March 17 and 19, respectively, and the Illinois Right to Know Act was scheduled for a March 19 hearing in the Cybersecurity, Data Analytics & IT Committee.

For the third week in a row, we are providing an update on the status of proposed CCPA-like privacy legislation. Before we get to our update, we wanted to provide three reminders.

First, we hosted a webinar on Virginia’s Consumer Data Protection Act on March 11. You can access the recording here.

Second, we have been regularly updating our 2021 State Privacy Law Tracker to keep pace with the latest developments. We encourage you to bookmark the page for easy reference.

Third, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated.


Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of March 15, 2021

Keypoint: It was a busy week for privacy law. Since the update we provided last week Virginia’s bill was signed into law, bills in Washington and Oklahoma advanced, and Utah’s bill failed to pass before its legislative session closed.

Last week, we provided an update on the status of proposed CCPA-like privacy legislation. In that article, we noted that the contents were “time-sensitive and subject to change.” Typical to privacy law, in just a week, the landscape of these proposed laws changed dramatically. Given these changes, we decided to publish another update and, like last week, waited until a weekend when state legislatures are quiet.

Before we get to our update, we wanted to provide three reminders.

First, we will be hosting a webinar on Virginia’s Consumer Data Protection Act on March 11. You can register for the webinar here. If you are unable to attend the webinar live, you can still register, and we will email a copy of the presentation and a link to the webinar recording to you.

Second, we have been regularly updating our 2021 State Privacy Law Tracker to keep pace with the latest developments. We encourage you to bookmark the page for easy reference.

Third, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated.


Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of March 8, 2021

Keypoint: CCPA-like privacy bills continue to be introduced and work their way through state legislatures.

Those who attended our recent webinar or who subscribe to this blog know that we have been closely tracking proposed CCPA-like legislation in state legislatures across the country. We also launched a 2021 State Privacy Law Tracker to keep pace with the latest developments.

Yet, even with these efforts, there still are numerous developments occurring on a near daily basis. Therefore, we decided to wait until a weekend (when state legislatures are quiet) to provide a summary of where these bills stand. Of course, the contents provided below are time-sensitive and subject to change.


Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of March 1, 2021

On January 28, 2021, privacy professionals around the world will celebrate Data Privacy Day. This year, we decided to mark the occasion by gathering our team’s thoughts and expectations on what we expect to be the biggest privacy law stories in 2021 and beyond.

Last year we wrote a similar article, attempting to predict how the privacy landscape would unfold in 2020. We got some things right (e.g., the emergence of CCPA 2.0). But, let’s be honest, in March everything changed, including privacy law. As spring turned into summer our writing focused on the privacy law implications of COVID-19, including contact tracing, no contact temperature taking, and the unanticipated collection of heath information, among other unexpected topics. We also took note of developments overseas, including the Court of Justice of the European Union’s Schrems II decision and the emergence of Brazil’s federal privacy law, LGPD.

If there was one takeaway from 2020 from a privacy law perspective it was this – while it is impossible to predict its path, privacy law is rapidly growing and evolving, almost on a daily basis, and in nearly every corner of the world. With that, we turn to our 2021 predictions.


Continue Reading The Year to Come in U.S. Privacy & Cybersecurity Law (2021)

Keypoint: The use of no-contact temperature taking devices can be an important part of a company’s return-to-work program, but companies should fully vet these devices to ensure that they are not unintentionally violating privacy laws or exposing themselves to potential liabilities.

As U.S. companies start planning and implementing return-to-work plans, many are considering whether to use no-contact temperature taking devices.

The federal government has recognized that taking temperatures is a step that companies can take to mitigate the risk of spreading coronavirus. For example, the CDC interim guidance for critical infrastructure workers recommends that employers “measure the employee’s temperature and assess symptoms prior to them starting work.” EEOC return-to-work guidance also recognizes that employee screening “may include continuing to take temperatures . . . of all those entering the workplace.”

States and cities also have recommended taking temperatures. For example, in Colorado, the Governor’s office has encouraged large workplaces to implement symptom and temperature checks as part of the state’s gradual return-to-work strategy. New York Mayor Bill de Blasio has stated that temperature checks will be part of the City’s return-to-work program. New Jersey Governor Phil Murphy suggested that restaurants could check temperatures before allowing customers to enter.

However, the taking of temperatures creates logistical issues such as who should take the temperatures, what precautions should be in place, and when and where the temperatures should be taken. As with many other facets of this pandemic, companies have looked to technology to answer some of these questions, and there are many solutions – some old, some new – in the marketplace.

Depending on the type of device, the use of no-contact temperature taking devices can raise numerous privacy issues. As companies begin to vet and implement these devices, they will need to ensure that they do not unintentionally violate privacy laws or assume potential liabilities.


Continue Reading U.S. Privacy Law Implications with the Use of No-Contact Temperature Taking Devices