Keypoint: New Utah law creates incentive for businesses to develop and implement a written cybersecurity program to protect themselves against data breach lawsuits.
On March 11, 2021, Utah governor Spencer Cox signed the Cybersecurity Affirmative Defense Act, which creates affirmative defenses to certain causes of action arising out of a breach of system security.
Keypoint: There were a number of notable developments this week: the Washington Privacy Act passed out of a house committee after adding a private right of action, there was more movement on the Florida and Connecticut bills, and Nevada lawmakers introduced companion bills that would expand the state’s right to opt out of sales.
For the fifth week in a row, we are providing an update on the status of proposed CCPA-like privacy legislation. Before we get to our update, we wanted to provide three reminders.
First, there has been so much debate about what to call Virginia’s new privacy law – the Virginia Consumer Data Protection Act – that we started an online poll. Tell us whether you think the law should be called the CDPA or VCPDA. We will keep voting open until April 2 and release the results on our blog.
Second, we have been regularly updating our 2021 State Privacy Law Tracker to keep pace with the latest developments. We encourage you to bookmark the page for easy reference.
Third, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated.
Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of March 29, 2021
Keypoint: It was another busy week with bills introduced in Colorado, New York and West Virginia, a committee hearing in New Jersey on three bills, a public hearing in Washington on the Washington Privacy Act, the Oklahoma bill was referred to the Senate Judiciary committee, one Florida bill passed out of committee, and a hearing was set on the other Florida bill.
For the fourth week in a row, we are providing an update on the status of proposed CCPA-like privacy legislation. Before we get to our update, we wanted to provide three reminders.
First, there has been so much debate about what to call Virginia’s new privacy law – the Virginia Consumer Data Protection Act – that we started an online poll. Tell us whether you think the law should be called the CDPA or VCPDA. We will keep voting open until April 2 and release the results on our blog.
Second, we have been regularly updating our 2021 State Privacy Law Tracker to keep pace with the latest developments. We encourage you to bookmark the page for easy reference.
Third, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated.
Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of March 22, 2021
Keypoint: CCPA-like privacy bills continue to be introduced and work their way through state legislatures.
Those who attended our recent webinar or who subscribe to this blog know that we have been closely tracking proposed CCPA-like legislation in state legislatures across the country. We also launched a 2021 State Privacy Law Tracker to keep pace with the latest developments.
Yet, even with these efforts, there still are numerous developments occurring on a near daily basis. Therefore, we decided to wait until a weekend (when state legislatures are quiet) to provide a summary of where these bills stand. Of course, the contents provided below are time-sensitive and subject to change.
Continue Reading Status of Proposed CCPA-Like State Privacy Legislation as of March 1, 2021
Let’s face it, tracking all of the proposed CCPA-like state privacy legislation has been nearly impossible. At last count, bills have been proposed in sixteen states, including Virginia, New York, Washington, Oklahoma, Arizona, Florida, Utah, Maryland, and Minnesota.
That’s why we created our new 2021 State Privacy Law Tracker.
The tracker identifies the states
On January 28, 2021, privacy professionals around the world will celebrate Data Privacy Day. This year, we decided to mark the occasion by gathering our team’s thoughts and expectations on what we expect to be the biggest privacy law stories in 2021 and beyond.
Last year we wrote a similar article, attempting to predict how the privacy landscape would unfold in 2020. We got some things right (e.g., the emergence of CCPA 2.0). But, let’s be honest, in March everything changed, including privacy law. As spring turned into summer our writing focused on the privacy law implications of COVID-19, including contact tracing, no contact temperature taking, and the unanticipated collection of heath information, among other unexpected topics. We also took note of developments overseas, including the Court of Justice of the European Union’s Schrems II decision and the emergence of Brazil’s federal privacy law, LGPD.
If there was one takeaway from 2020 from a privacy law perspective it was this – while it is impossible to predict its path, privacy law is rapidly growing and evolving, almost on a daily basis, and in nearly every corner of the world. With that, we turn to our 2021 predictions.
Continue Reading The Year to Come in U.S. Privacy & Cybersecurity Law (2021)
With state legislatures reconvening for 2021, numerous states already have seen California Consumer Privacy Act-like privacy legislation proposed, including Washington, New York, Minnesota, Virginia, Connecticut, Mississippi, and Oklahoma. Other states are expected to follow. Will this be the year another state (or states) joins California and enacts consumer privacy legislation?
Join Husch Blackwell Partner David
Keypoint: Five states are now considering online privacy legislation.
Virginia and Oklahoma join Washington, New York and Minnesota as states where lawmakers have proposed online privacy legislation this year. It is expected that lawmakers in other states will propose similar legislation in the coming weeks. As discussed in our prior posts, the fact the legislation has been proposed is not indicative of whether it has any chance of becoming law. Since lawmakers passed the California Consumer Privacy Act (CCPA) in 2018 numerous states have considered similar bills, but none of them has become law. That said, presumably one day another state (or more) will join California in passing such legislation.
Below is a brief summary of the two bills. To the extent that the bills appear poised for advancement we will provide a more detailed analysis.
In addition, on February 17, 2021, members of Husch Blackwell’s privacy and data security practice group will host a webinar to discuss all of the CCPA-like privacy bills proposed across the country. To register click here.
Continue Reading Privacy Legislation Proposed in Virginia and Oklahoma
Keypoint: Lawmakers in New York and Minnesota have proposed CCPA-like privacy legislation.
As state legislatures have started to convene for the 2021 session, state lawmakers have once-again proposed CCPA-like privacy legislation. As discussed in our prior post, in early January Washington lawmakers again proposed the Washington Privacy Act. In addition, over the last few days, CCPA-like legislation has been proposed in New York and Minnesota.
It is expected that CCPA-like legislation will be filed in more states over the coming days. Whether this legislation moves forward remains to be seen. With the exception of the Washington Privacy Act, over the last two years privacy legislation proposed in other states has failed to gain any traction.
Continue Reading Privacy Legislation Proposed in New York and Minnesota
Keypoint: The report provides five recommendations for proposed privacy legislation in Texas but does not propose specific statutory language or make recommendations on many key issues.
In a reminder that winter is likely to bring another round of proposed CCPA-like state privacy legislation, earlier this month, the Texas Privacy Protection Advisory Council issued an interim report with findings and recommendations for privacy legislation in Texas.
Continue Reading Texas Privacy Protection Advisory Council Issues Interim Report