Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

Accessibility—The hidden A in the CCPA

In the scramble to come into compliance before the January 1, 2020, deadline, companies may have overlooked a key—and potentially costly—requirement in the California Consumer Privacy Act (CCPA). Under the draft regulations to the CCPA, businesses are required to ensure that their internal and external notice and privacy policies are reasonably accessible to individuals with...

Twisting in the Wind—California Attorney General issues revised CCPA regulations

On February 10, 2020, the California Attorney General published revisions to the proposed regulations to implement the California Consumer Privacy Act of 2018 (CCPA). The changes largely clarify and soften some of the more onerous or prescriptive requirements of the proposed regulations—although many challenging aspects of the regulations remain, and new concepts make an appearance as...

US Cybersecurity and Data Privacy review and update: Looking back on 2019 and planning ahead for 2020

The reality of cybersecurity and data privacy threats and regulations proved a sobering one for many companies in 2019. The cost of data privacy began to hit home in January, with French regulators imposing a record fine for General Data Protection Regulation (GDPR) violations, and with subsequent global data privacy fines increasing in amount and frequency throughout the year. As the...

The state of US data privacy and cybersecurity laws in 2019

US data privacy and cybersecurity laws developed rapidly in 2019, especially in California, New York, Nevada and Massachusetts. While there are ongoing efforts to pass a federal privacy law, states are leading the way. Learn...

FTC effectively shuts down Utah company’s operations pending compliance with mandated data security plan

On November 12, 2019, the FTC announced that InfoTrax, a Utah technology company, agreed to implement an overhauled data security program as part of a 20-year consent agreement in the wake of a hack to the company’s network. InfoTrax is prohibited from collecting, selling, sharing, or storing personal information pending the overhaul of security operations—temporarily shutting down the...

« Older Entries