Connecticut has become the fifth state to pass comprehensive consumer data privacy legislation. Connecticut Governor Ned Lamont signed the bill into law on May 10, 2022, and the Connecticut Data Privacy Act” (CTDPA) will take effect on July 1, 2023. This Legal Update discusses the CTDPA’s scope; compares it with the other state privacy laws

Following in the footsteps of California, Virginia and Colorado, Utah has become the fourth state to pass comprehensive consumer data privacy legislation. Utah Governor Spencer Cox signed Utah Consumer Privacy Act (“UCPA”) into law on March 24, 2022—the first major state law domino to fall in 2022 and the first comprehensive data privacy legislation since

Colorado has become the third state to enact a comprehensive consumer data privacy statute. Passed by the Colorado General Assembly on June 8, 2021, and signed into law by Colorado Governor Jared Polis on July 7, 2021, the Colorado Privacy Act (“CPA”) is slated to come into effect on July 1, 2023. This Legal Update

Virginia has become the second state to enact a comprehensive consumer data privacy statute in the United States. Signed into law by Virginia Governor Ralph Northam on March 2, 2021, the Consumer Data Protection Act (“CDPA”) will take effect on January 1, 2023. While the CDPA shares some key components with the California Consumer Privacy

On November 3, 2020, a majority of Californians cast “yes” votes for Proposition 24, the ballot initiative enacting the California Privacy Rights Act of 2020 (CPRA). Although the election results have not yet been certified by the California Secretary of State and may not be before December 11, 2020 (the latest date), the CPRA had

The long-awaited enforcement date of July 1, 2020, for the California Consumer Privacy Act (“CCPA”) has finally arrived. The Office of the California Attorney General began enforcing the CCPA that very day, even before its implementing regulations (the “Regulations”) were finalized or approved. The Regulations finally became effective on August 14, 2020, but not before

The long-awaited enforcement date of July 1, 2020 for the California Consumer Privacy Act (“CCPA”) has finally arrived. However, the uncertainty that existed at the beginning of the year with respect to CCPA and its enforcement still exists. While the California Office of the Attorney General (“OAG”) has issued the final version of the implementing

Cybersecurity and data privacy presented some of the most complex legal questions and business risks that multinational companies faced in 2018. Businesses should expect continued growth in cyber and data privacy challenges in 2019.

Cyber attacks became even more sophisticated and severe in 2018, with incidents ranging from exfiltration and extortion schemes, to attacks on

By any measure, 2018 was a major year for data privacy regulation. The most significant regulatory development in this area was the European Union’s General Data Privacy Regulation (“GDPR”), which went into effect on May 25, 2018 and establishes what is probably the most rigorous data protection regime currently in existence. As adopted, GDPR includes

Cybersecurity and data privacy issues continued to grow in significance for multinational businesses over the past 12 months, further heightening the importance of preparing and responding in a strategic, coordinated and enterprise-wide manner in 2017.

The Trump administration has publicly provided limited details so far about its plans for cybersecurity and data privacy policy. Reports