Megan Kayo

Subscribe to all posts by Megan Kayo

FTC Issues Complaint and Proposed Settlement with Online Retailer for Deceptive and Unfair Security and Privacy Practices

On March 15, 2022, the Federal Trade Commission (FTC) announced it had filed a complaint against Residual Pumpkin Entity, LLC, formerly doing business as CafePress, and PlanetArt LLC, which bought CafePress in 2020 (collectively, CafePress). The FTC alleged that CafePress, an online platform used by consumers who bought or sold customized t-shirts, mugs, and other merchandise, had, … Continue Reading

SEC Proposes New Cybersecurity Reporting and Enhanced Standardized Disclosure

On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules that would require current and periodic reporting of material cybersecurity incidents as well as more detailed disclosure of cybersecurity risk management, expertise, and governance. This alert summarizes the proposed changes, which are subject to public comment until the later of May 9, 2022 … Continue Reading

Court Orders Production of a Data Breach Forensic Report, Rejecting Arguments That Attorney-Client Privilege and Work Product Protection Apply

On January 12, 2021, the District Court of the District of Columbia was the latest court to grant a motion to compel production of a forensic report prepared by an external security-consulting firm in data breach litigation.1 This case involved a cyberattack on a law firm that led to the public dissemination of the confidential information … Continue Reading

Third Time’s the Charm? Newest Round of Modifications to Proposed CCPA Regulations Issued by the California Attorney General

On March 11, 2020, the California Attorney General issued further revisions to the proposed regulations implementing the California Consumer Privacy Act (CCPA). For context, in passing the CCPA, the legislature directed the California Attorney General to solicit broad public participation and adopt regulations to further the purposes of the CCPA. On October 11, 2019, the California Attorney … Continue Reading

CCPA Update: California Attorney General Issues Modifications to Proposed CCPA Regulations

Updates to Compliance Likely Required On February 10, 2020, the California Attorney General issued the proposed text of modified regulations implementing the California Consumer Privacy Act (CCPA). This draft is a correction of a version that the California Attorney General issued on February 7, 2020. While the California Attorney General previously indicated that major changes to the … Continue Reading

Data Brokers Must Register with California Attorney General by January 31

Given Broad Definitions, the Law Could Apply to Businesses That Do Not Consider Themselves Data Brokers While amending the California Consumer Privacy Act of 2018 (CCPA) last term, the California legislature also passed a CCPA-related privacy bill that applies to “data brokers.” Assembly Bill 1202 (AB 1202) requires businesses that qualify as data brokers to register, pay … Continue Reading

FTC Data Security Settlement with Auto Dealer Software Provider Goes Further than Ever Before

Provides Detailed Specifications Both for Information Security Program and Third-Party Assessments On June 12, 2019, the Federal Trade Commission (FTC) announced it had reached a proposed settlement with LightYear Dealer Technologies, LLC (doing business as “DealerBuilt”) over allegations that the automobile software provider’s inadequate data security practices had resulted in a data breach in 2016.1 … Continue Reading
LexBlog

We use cookies on our site to analyze traffic, enhance your experience, and provide you with tailored content. For more information or to opt-out, visit our privacy policy.

I agree