Search Results: Privacy Compliance

College Board Settles for $750,000 Penalty for Sharing and Selling Student Data in Violation of New York State’s Student Privacy Law

On February 13, 2024, New York State’s Attorney General (AG) Letitia James and the New York State Education Department (NYSED) announced a $750,000 settlement with the non-profit College Board over allegations that College Board shared and sold student personal information in violation of the state’s student privacy law, New York…

Read More

New Jersey Privacy Law Helps Expand US Consumer Privacy System

On Jan. 16, New Jersey Gov. Phil Murphy (D) signed the New Jersey Data Privacy Act into law. Its passage makes New Jersey the 14th state to adopt a comprehensive consumer data privacy law. Given the NJDPA’s nuances compared to other current state privacy laws, companies subject to the New Jersey law will have…

Read More

CJEU ADM Decision Casts Wide Net Over Credit Scoring Agencies

On December 7, 2023, the Court of Justice of the European Union (“CJEU”) delivered a landmark decision against SCHUFA Holding AG (“SCHUFA”) that will likely impact how the EU General Data Protection Regulation (“GDPR”) applies to credit scoring agencies. In the decision, OQ v. Land Hessen, the CJEU decided that…

Read More

Delaware Personal Data Privacy Act: What Businesses Need to Know

On September 11, 2023, Delaware Governor John Carney signed House Bill No. 154, referred to as the Delaware Personal Data Privacy Act (DPDPA), into law. With the passage of the DPDPA, Delaware became the thirteenth state to adopt a comprehensive consumer data privacy law, joining California, Virginia, Colorado, Connecticut, Utah, Iowa, Indiana, Tennessee, Montana, Florida, Texas, and Oregon. The DPDPA…

Read More

October Cybersecurity Awareness Month Closes Out With Notable Changes in U.S. Regulation: New FTC Safeguards and NYDFS Cybersecurity Requirements Revealed

The cybersecurity world is ablaze as recent developments demonstrate an increased expectation of accountability and competence in the space. This trend is unsurprising given high-profile cyber-attacks coupled with advances in artificial intelligence (AI).  In fact, days after releasing the Administration’s Executive Order on the Safe, Secure, and Trustworthy Development and…

Read More

EU/UK Privacy & Cybersecurity News Roundup - Week of October 30, 2023

Case Law Updates and Fines On May 29, 2023, the Hellenic Data Protection Authority (HDPA) published Decision No. 20/2023, in which it fined WIND Hellas Telecommunications S.A. (now NOVA Telecommunications & Media Monoprosopi SA) €150,000, for violations of the General Data Protection Regulation (GDPR), following a complaint. You can read the press release here and the…

Read More

EU/UK Privacy & Cybersecurity News Roundup – Week of October 2, 2023

Data privacy case law and legislation is constantly updated in the United Kingdom and European Union to address key issues. In order to track the latest developments, we have set out a brief overview of case law updates, legislation, guidance and news. Case Law Updates and Fines On 3 August,…

Read More