Biometric Information Privacy ActFacial Recognition Company Enters into Settlement Agreement for Alleged Violations of Illinois’ Biometric Information Privacy Act
Facial Recognition Company Enters into Settlement Agreement for Alleged Violations of Illinois’ Biometric Information Privacy Act

Facial Recognition Company Enters into Settlement Agreement for Alleged Violations of Illinois’ Biometric Information Privacy Act

On May 11, 2022, a consent order was entered into following a settlement agreement between Clearview AI, the American Civil Liberties Union (“ACLU”), and other parties ending a two-year long lawsuit regarding Illinois’ Biometric Information Privacy Act, the nation's first biometric privacy law.
May 25, 2022
No Comments
PCI Data Security Standards v4.0What Your Business Needs to Know About the Newly Announced PCI Data Security Standards v4.0
What Your Business Needs to Know About the Newly Announced PCI Data Security Standards v4.0

What Your Business Needs to Know About the Newly Announced PCI Data Security Standards v4.0

In a press release published on March 31st, the PCI Security Standards Council (PCI SSC) announced v4.0 of the PCI Data Security Standards (PCI DSS). In this blog post, we provide a brief overview of what’s new in this latest iteration of the standard. We also glance at the implementation timeline so that your business can get the ball rolling on the transition process.
April 12, 2022
No Comments
US Federal Privacy & Cybersecurity Regulatory DevelopmentsFederal Privacy and Cybersecurity Regulatory Developments – Key Updates
Federal Privacy and Cybersecurity Regulatory Developments – Key Updates

Federal Privacy and Cybersecurity Regulatory Developments – Key Updates

In the absence of overarching federal privacy legislation, enforcement authority over privacy and cybersecurity is shared among several different government agencies. With attention on privacy and cybersecurity-related issues rapidly increasing, federal agencies seek to address these issues by actively engaging in rulemaking, enforcement, and policy development.
April 6, 2022
No Comments
UCPA Utah Consumer Privacy ActThe Utah Consumer Privacy Act: The Fourth Comprehensive State Privacy Law Following California, Virginia, and Colorado
The Utah Consumer Privacy Act: The Fourth Comprehensive State Privacy Law Following California, Virginia, and Colorado

The Utah Consumer Privacy Act: The Fourth Comprehensive State Privacy Law Following California, Virginia, and Colorado

On March 24th, Utah Governor Spencer Cox signed Senate Bill 227, the Utah Consumer Privacy Act (“UCPA”), into law. Utah is the fourth state to enact a comprehensive privacy law, following California, Virginia, and Colorado.
March 29, 2022
No Comments
Trans-Atlantic Data Privacy FrameworkU.S. and European Commission Announce “Agreement in Principle” on a New Trans-Atlantic Data Privacy Framework
U.S. and European Commission Announce “Agreement in Principle” on a New Trans-Atlantic Data Privacy Framework

U.S. and European Commission Announce “Agreement in Principle” on a New Trans-Atlantic Data Privacy Framework

At a joint press conference on Friday, March 25, 2022, President Biden and European Commission President Ursula von der Leyen announced that the U.S. and the EU had reached an “agreement in principle on a new framework for transatlantic data flows.”
March 28, 2022
No Comments
UK International Data Transfer AgreementUpdate on International Data Transfers under the UK GDPR as of March 21, 2022
Update on International Data Transfers under the UK GDPR as of March 21, 2022

Update on International Data Transfers under the UK GDPR as of March 21, 2022

Following the UK's departure from the EU and the CJEU judgment in the Schrems II case, the UK Information Commissioner's Office (ICO) sought public consultation on August 11, 2021, regarding international data transfers outside the UK. After this consultation period, the Secretary of State on February 2, 2022, laid before Parliament (1) Version A1.0 of the International Data Transfer Agreement (the "IDTA"), (2) Version B1.0 of the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (the "Addendum"), and (3) the International Data Transfer Agreement Transitional Provisions.

With no objections from Parliament, they came into force yesterday, March 21, 2022.
March 22, 2022
No Comments
New York Privacy ActThe New York Privacy Act: Proposed Privacy Legislation 2022 Update
The New York Privacy Act: Proposed Privacy Legislation 2022 Update

The New York Privacy Act: Proposed Privacy Legislation 2022 Update

On May 13, 2021, New York State Senator Kevin Thomas reintroduced the New York Privacy Act (S6701). With California, Virginia, and Colorado already having comprehensive state privacy laws on the books, New York may be the next state to have one of its own. As of February 8, 2022, the Senate version of the bill has been reported and committed to the Internet and Technology Committee.
Read on for some of the important details that businesses should know about the proposed legislation:
February 15, 2022
1 Comment
OCCFDIC Final Rule for Banking Organizations Notification RequirementsOCC/FDIC Board Final Rule for Bank Organizations Notification Requirements
OCC/FDIC Board Final Rule for Bank Organizations Notification Requirements

OCC/FDIC Board Final Rule for Bank Organizations Notification Requirements

On November 18, 2021, the three primary banking regulatory agencies -- the Office of the Comptroller of the Currency (OCC), Treasury; the Board of Governors of the Federal Reserve System (Board); and the Federal Deposit Insurance Corporation (FDIC) – jointly approved a final rule with two distinct notification requirements
November 24, 2021