Consistent with the cliché that “everything’s bigger in Texas,” the Texas legislature has introduced not one, but two separate bills relating to the privacy of personal information. Although still in their nascent stages, both bills are following California’s lead in creating enhanced and stringent privacy protections for individual consumers.

A surprise legislative storm ripped through Olympia, Washington last week, and the proposed Washington Privacy Act (SB-5376) took the brunt of the damage. The bill sailed through the Democrat-controlled Washington State Senate on a vote of 46-1, but encountered surprise headwinds in the Democrat-controlled State House.  The House failed to vote on the bill before the April 17th deadline for taking action on non-budget legislation.

Although there certainly will be more bills proposed to amend the California Consumer Privacy Act (CCPA), there already are a significant number of bills that have been working their way through the legislative process. One of these bills – SB561, which would expand the CCPA’s private right of action – received widespread attention when it was introduced

Recently, I had the pleasure of being interviewed by Julia Kerrigan, an articulate and insightful young journalist writing for her high school paper, The Dart. In my mind (that’s foreshadowing the challenges caused by my ego-centricity dear reader), the point of the conversation was for me to provide Julia with a primer on information privacy and security issues so that she could weave into her article a few observations from a so-called expert.

In our prior blog post, we discussed how the Washington Privacy Act (WPA) had passed the state’s senate and would be taken up by the state’s House of Representatives. On March 22, 2019, the House Innovation, Technology & Economic Development Committee held a public hearing on the legislation. A recording of the almost two-hour hearing

Having escaped the bleak midwinter of the Midwest for a few brief days, I find myself sitting poolside in sunny Orlando experiencing a few tantalizing hours of near summer temps. As I watch the inflatables being splashed about gleefully by children (mine included) impervious to the water’s lingering chill, my thoughts naturally turn to privacy and security (which is not a euphemism for my ill-fitting swimsuit by the way).

One of the myriad of issues arising from the California Consumer Privacy Act (CCPA) is the extent to which financial institutions subject to the Gramm-Leach-Bliley Act (GLBA) must comply with the CCPA’s requirements in light of Section 1798.145(e), which provides that the CCPA “shall not apply to personal information collected, processed, sold, or disclosed pursuant to [the GLBA], and implementing regulations.” Because the CCPA’s definition of “personal information” is broader than the GLBA’s definition of “nonpublic personal information,” financial institutions have been faced with the daunting task of not only data mapping but also classifying that data based on whether it is subject to the GLBA.