Statutes, Rules & Regulations

On May 23, 2019, Nevada’s Senate approved NV SB 220; an act prohibiting website operators collecting information from consumers from making any sale of certain information about a consumer-like address, email, SSN or phone number – if so directed by the consumer. SB 220 modifies the Nevada Privacy of Information Collected Online (NPICIC) law (NRS […]

The Personal Data Protection Bill has been listed to be tabled in the Winter Session of the Indian Parliament which will begin on November 18, as published on Lok Sabha website. This Bill applies to the processing of consumer data by corporate entities. The businesses will be required to obtain consent from consumers to use […]

In February 2019, government watchdogs reported that the Federal Trade Commission has not been able to enact meaningful punishments against tech companies violating data privacy regulations and recommended reform that included adequate consequences. As a result of the findings, several lawmakers have proposed a variety of frameworks and legislation. However, many of the proposed data […]

The Cayman Islands data protection law 2017 (“DPL”) came into effect on September 30, 2019 and applies to all organizations, businesses and public authorities that use personal data. The DPL is centered on the following principles: Fair and lawful use Purpose limitation Data accuracy Storage limitation Respect for the individual’s rights Security – integrity & confidentiality International transfers (i.e., Personal […]

On May 30, 2019, Oregon Governor signed HB 2395 containing security measures required for devices that connect to the Internet and that are assigned an Internet Protocol address or another number that identifies the connected device. The manufacturer shall equip the connected device with “reasonable security features”, which may consist of means for authentication from […]

On June 6, 2019 Maine’s governor signed into law LD 946, “An Act To Protect the Privacy of Online Customer Information.” The Act applies to broadband internet service providers (ISPs) defined as any “mass-market retail service by wire or radio that provides the capability to transmit data to and receive data from all or substantially all […]

On April 25, 2019, the Nigeria Data Protection Regulation 2019 entered into force. The Regulation was issued by the National Information Technology Development Agency, NITDA, and it mirrors the EU General Data Protection Regulation (GDPR). The Regulation’s scope of application is quite broad. It applies to all transactions intended for the processing of personal data […]

On April 16, 2019, North Carolina House of Representative introduced H.B. 904. The Bill amends the Identity Theft Protection Act. Among the many changes introduced, the Bill: amends the definition of security breach to include any incident of “unauthorized access to or acquisition of (was, access to and acquisition of) unencrypted and unreacted records or […]

On April 22, 2019, the House of Representatives modified chapter 19.255 RCW to amend its data breach notification law. The definition of “data breach” does not change. The security of the system means “unauthorized acquisition of data that compromises the security, confidentiality, or integrity of personal information maintained by the person or business.” But HB […]

On March 27, 2019, the Utah Governor signed H.B.57 into law. The Bill modifies provisions related to privacy of electronic information or data and their access by law enforcement. H.B 57 defines electronic information and data as being any “information or data including a sign, signal, writing, image, sound, or intelligence of any nature transmitted […]