Privacy

Feb. 6-7 Event | 2023 Midwest Legal Conference on Data Privacy and Cybersecurity

By Greenberg Traurig, LLP on January 31, 2023

Posted in Data Privacy & Cybersecurity, Data Privacy Law, Events, Featured, Privacy

The 2023 Midwest Legal Conference on Data Privacy and Cybersecurity will take place in Minneapolis Feb. 6-7, featuring coverage on new developments in the industry and cutting-edge practice tips.

On Feb. 7, Greenberg Traurig Shareholders Stephen Baird and David A. Zetoony will present the session “Demystifying AdTech – How to Stay Compliant with Ever Changing…

5 Trends to Watch: 2023 Data Privacy & Cybersecurity

By Gretchen A. Ramos, Dr. Viola Bensinger, Jena M. Valdetero & David A. Zetoony on January 26, 2023

Posted in Cybersecurity, Data, Data Privacy & Cybersecurity, Featured, Privacy

An Increase in Extortion-Only Cyber Attacks – While ransomware attacks have been on the rise since 2020, a recent trend has emerged where threat actors are bypassing ransomware malware and encryption tactics and going straight to data theft. If a victim company does not pay the extortion demand, the threat actors engage in increasingly aggressive

…

Cookies and Other Tracking Technologies May Violate HIPAA

By Karin E. Ross & Tyler Thompson on January 9, 2023

Posted in Data collection, Data Privacy Law, Featured, HIPAA, Online tracking, Personal information, Privacy, Technology

Given recent Health and Human Services’ Office for Civil Rights guidance, HIPAA-regulated entities should consider immediately taking the steps discussed in this GT blog post to reduce the risk associated with their use of tracking technologies.
Continue Reading Cookies and Other Tracking Technologies May Violate HIPAA

FTC Delays Compliance Date of the Safeguards Rule

By Timothy A. Butler on January 5, 2023

Posted in Data Privacy & Cybersecurity, Featured, Financial institutions, Privacy, U.S. Federal Trade Commission (FTC)

Go-To Guide:

The Safeguards Rule compliance deadline is delayed by six months
Eight subsections of the Safeguards Rule are affected by the delay
The new effective date for compliance is June 9, 2023
The FTC cited implementation challenges for small business as the reason for the delay.

On Nov. 15, 2022, the Federal Trade Commission…

Don’t Have a Do-Not-Call Policy? Every SMS You Send Could Violate the TCPA and Come With A Private Right of Action

By Tyler Thompson on December 22, 2022

Posted in Cybersecurity, Data collection, Data Privacy & Cybersecurity, Data Privacy Law, Featured, Privacy, Privacy Legislation

The Telephone Consumer Protection Act (TCPA) covers unsolicited calls and texts, aimed at protecting consumers from harassing and unwanted communications. With the April 2021 Facebook SCOTUS case[1] (see GT Alert) reducing the prevalence of some TCPA claims with private rights of action, new claims are starting to emerge as plaintiffs’ favorites.

One…

Does a business have to provide a privacy notice directly to a consumer if it obtains the consumer’s data from a third party (i.e., purchases it)?

By David A. Zetoony on December 14, 2022

Posted in CCPA, Colorado, Connecticut, CPRA, Data, Data collection, Data Privacy & Cybersecurity, Data Privacy Law, Personal information, Privacy, Privacy Legislation, Utah, Virginia

Modern data privacy statutes require that organizations inform individuals about the organization’s privacy practices by creating a privacy notice (sometimes referred to as a privacy policy or a notice at collection). Some data privacy statutes provide specific directions regarding how the privacy notice must be distributed. For example, the California Consumer Privacy Act and the…

How may behavioral advertising trackers do websites deploy currently?

By David A. Zetoony on December 13, 2022

Posted in Data collection, Data Privacy & Cybersecurity, Online tracking, Privacy

A behavioral advertising cookie typically refers to a cookie that is used to track the websites a consumer visits for the purpose of identifying advertisements that may be of particular interest to the consumer and then serving such advertisements to the consumer. Behavioral advertising cookies are sometimes referred to as third-party behavioral advertising cookies, advertising…

‘Do Not Sell’ Links – How common are they really?

By David A. Zetoony on December 8, 2022

Posted in CCPA, Data, Data collection, Online tracking, Personal information, Privacy

A review of the Fortune 500 conducted approximately one year after the CCPA went into effect showed that 21 percent of websites included a “Do Not Sell My Personal Information” link; 78.6 percent of websites did not include a link to opt out of the sale of personal information.[1] Over the past year, that…

How many websites now have cookie banners?

By David A. Zetoony on December 7, 2022

Posted in Data collection, Online tracking, Personal information, Privacy

A “cookie banner” refers to a pop-up notice on a website that discusses the site’s use of cookies. There is little standardization concerning how cookie banners are deployed. For example, websites can position them in different places on the screen (e.g., across the top of the screen, across the bottom of the screen, in a…

Can a business require a consumer to submit a declaration under penalty of perjury in order to prove their identity?

By David A. Zetoony on November 22, 2022

Posted in California, CCPA, Data Privacy & Cybersecurity, Personal information, Privacy

The regulations implementing the CCPA require that a business verify the identity of a consumer that submits a specific-information access request to a “reasonably high degree of certainty.”[1] The regulations provide as an example matching three pieces of personal information provided by the consumer with three pieces of personal information maintained by the business…

Data Privacy Dish