State and Local

In a letter to California’s Attorney General, a group of businesses and trade associations cited the COVID-19 crisis as having “encumbered businesses in their earnest efforts” to create CCPA compliant programs, and requested a delay in enforcement, which the AG denied. The group Californians for Consumer Privacy has announced the submission of more than 900,000 […]

The California Privacy Rights Act (aka “CCPA 2.0”) has obtained enough raw signatures to qualify for the November ballot, which currently are being verified by the counties. However, a complaint filed by the proponents of the CPRA indicates that the verification process may not be completed in time. The lawsuit alleges that Secretary of State […]

The California Attorney General took the final step of submitting the final text of the CCPA Regulations to the California Office of Administrative Law on June 1, but it’s uncertain whether enforcement will still start on July 1, as specified in the law. The AG’s office requested expedited review to meet that deadline, but an […]

The California Attorney General has submitted proposed final CCPA regulations to the California Office of Administrative Law. They are substantively the same as the draft rules released for public notice on March 11, but the AG’s responses to comments and Final Statements of Reasons provide guidance on their position on key ambiguities under the CCPA. […]

Fullstack Cyber Bootcamp, New York City’s cybersecurity bootcamp partner, will offer free introductory courses to people nationwide, providing an opportunity for individuals to explore the cybersecurity industry as a potential career path. The initiative will enable thousands of Americans to participate in nearly 40 hours of introductory cybersecurity training courses for free. Originally scheduled to […]

Virginia’s new Insurance Data Security Act, effective July 1, requires all regulated insurance entities to: Maintain an information security program Investigate all cybersecurity events Notify the Commissioner of Insurance of cybersecurity events Notify consumers affected by cybersecurity events. The legislation is based on a model law drafted by the National Association of Insurance Commissioners and […]

Arent Fox discusses recent developments in the following five proposed amendments to the California Consumer Privacy Act: AB 2004 Regarding Medical Test Results Verification Credentials: Authorizes issuers of medical test results to use verifiable credentials for the purpose of providing results to individuals. AB 2261 Regarding Facial Recognition Technology: Requires a controller using facial recognition […]

The Ohio House of Representatives has voted 93-1 for a bill that would expand the state’s definition of what constitutes a cybercrime, and increase penalties. It would make attempted hacking a felony-level offense, rather than just successful cyberattacks, which are currently defined broadly as either criminal mischief or unauthorized use of a computer. It specifically […]

Californians for Consumer Privacy have submitted hundreds of thousands more signatures than are required to put “CCPA 2.0” on California ballots in November. If the attorney general qualifies the initiative, and it passes, the new law would be noteworthy for a number of reasons: It will affect other legislation, most notably extending the provisions of […]

Rebecca Perry of Exterro identifies three primary obstacles that companies are running into as they prepare to comply with the California Consumer Privacy Act. She suggests some mistakes that general counsel and chief legal officers can correct to tighten up cross-departmental processes to help with their compliance efforts: Failing to harmonize the “right to be […]