California’s IoT Security Law – Will this Law Really Improve Security?

California’s legislature recently passed SB-327, which is designed to require Internet of Things (IoT) and other “connected device” manufacturers to implement security features into internet connected devices. California Governor Jerry Brown signed the bill into law on September 28, 2018. While the attempt to improve security of these devices is […]

CCPA FAQs Part 2b: CCPA Rights and Other Material Provisions

In our third FAQs installment on the California Consumer Privacy Act of 2018 (the “CCPA” or the “Act”), we focus on the following: the additional two individual rights the CCPA provides— the right to delete personal information [1] and the right to equal service and price when a consumer exercises a […]

Brazil’s New Data Protection Law: The LGPD

Updated September 3, 2019 Our post on key updates to the LGPD can be found here The global data protection landscape continues to evolve, and Brazil is the latest country to enact an omnibus law governing how organizations collect, use, disclose and otherwise process personal data. Beginning on August 16, […]

The Evolution of Mirai Botnet Source Code Presents Increased Risk of Large-Scale DDoS Attacks

Over the past few years, several major distributed denial-of-service (“DDoS”) attacks took place, including a major event affecting the domain name service provider Dyn, which caused outages and slowness for a number of popular sites, including Amazon, Netflix, Reddit, SoundCloud, Spotify, and Twitter. However, since several of these large, highly-publicized attacks occurred in 2016, […]

GDPR and AML – a perfect pair?

The General Data Protection Regulation (GDPR) has been one of the most highly anticipated and talked about changes to the legal sphere in years, affecting the vast majority of businesses and individuals alike. The primary focus to date has been on the implementation deadline of 25 May 2018 and the […]

Ohio Enacts Liability “Safe Harbor” for Entities That Maintain Specified Cybersecurity Programs

On August 3, 2018, Ohio Governor John R. Kasich announced that he signed Substitute Senate Bill 220 (“SB 220” or “Bill”) that, in part, affords a litigation “safe harbor” to covered entities that implement, maintain, and comply with specified cybersecurity programs. Covered entities, e.g., businesses, sued after a data breach […]

FAQs on the California Consumer Privacy Act of 2018 – Part 2a: The CCPA Rights

In our next two FAQ installments on the California Consumer Privacy Act of 2018 (“CaCPA” or “Act”), we will focus on the individual rights established by the CaCPA, including the right to: Know what personal information is being collected about the consumer Know whether the consumer’s personal information is sold […]

FAQs on the California Consumer Privacy Act of 2018 – Part 1: The Basics

On June 28, 2018, the California Legislature passed Assembly Bill 375 and enacted the California Consumer Privacy Act of 2018 (the “CaCPA” or the “Act”). The Legislature rushed the bill through in order to preempt a more stringent privacy initiative from appearing on the November ballot, which if passed would have been […]

Crypto Up Next for IRS Enforcement

In an effort to maximize its limited resources, the IRS’ Large Business and International Division has been identifying issues that present greater risks of noncompliance. The list of identified issues has been growing since January 2017. Recently, the IRS added cryptocurrency to its list of compliance campaigns. In 2014, the […]

California Passes Sweeping Consumer Privacy Act

On June 27 the California Senate and Assembly unanimously approved the California Consumer Privacy Act of 2018 (CCPA), and Governor Jerry Brown signed it into law the same day. The CCPA was rushed through the legislative process to avoid passage of a more stringent privacy law planned for California’s November […]