Press "Enter" to skip to content

Posts published in “Data Privacy and Security”

Massachusetts AG Provides Guidance on Intersection of Artificial Intelligence and Existing State Laws

The Massachusetts Office of Attorney General (“AGO”) recently issued an Advisory on the development, supply, and use of artificial intelligence (“AI”).  The Advisory provides guidance in the context of the Massachusetts Consumer Protection Act,[1] Anti-Discrimination Law,[2] Data Security Law,[3] and associated regulations.

Nebraska Becomes 16th State to Enact Comprehensive Consumer Data Privacy Law

Nebraska Gov. Jim Pillen on April 17 signed into law LB 1074, the Nebraska Data Privacy Act, making Nebraska the 16th state to enact a comprehensive consumer data privacy law following California, Virginia, Colorado, Utah, Connecticut,  Iowa, Indiana, Tennessee, Montana, Texas, Oregon,  Delaware,  New Jersey, New Hampshire, and Kentucky.  The law will go into effect Jan. 1, 2025.

Kentucky Becomes 15th State to Enact a Comprehensive Consumer Data Privacy Law

Kentucky Gov. Andy Beshear on April 4 signed into law House Bill 15, the Kentucky Consumer Data Protection Act, making Kentucky the 15th state to enact a comprehensive consumer data privacy law following California, Virginia, Colorado, Utah, Connecticut,  Iowa, Indiana, Tennessee, Montana, Texas, Oregon,  Delaware,  New Jersey, and New Hampshire. 

New Hampshire Enacts Comprehensive Consumer Data Privacy Law

New Hampshire Gov. Chris Sununu on March 6 signed into law Senate Bill 255, making New Hampshire the 14th state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut,  Iowa, Indiana, Tennessee, Montana, Texas, Oregon,  Delaware, and New Jersey.  The law will go into effect Jan. 1, 2025.

Data Privacy & Security Roundup: New Laws, Regulations and Important Dates in 2024

The upward trend in data privacy legislation continued in 2023. According to the National Conference of State Legislatures, “[a]t least 40 states and Puerto Rico introduced or considered at least 350 consumer privacy bills in 2023,” a significant increase from the 200 bills in 2022. 

FTC Amends Safeguards Rule; Nonbank Financial Institutions Must Report Data Breaches to the FTC

The Federal Trade Commission recently announced approval of an amendment to the Gramm-Leach-Bliley Act Safeguards Rule to require nonbank financial institutions to report to the FTC the unauthorized acquisition of unencrypted customer information involving at least 500 consumers (a “notification event”).

Illinois Supreme Court Rules Separate Claims Accrue Under BIPA for Each Alleged Violation

The Illinois Supreme Court, after receiving a certified question from the U.S. Court of Appeals for the Seventh Circuit, recently held that a separate claim accrues under the Illinois Biometric Information Privacy Act each time a private entity improperly scans or transmits an individual’s biometric identifier or information.