California Privacy Rights Act (CPRA)

Maryland and California look to join the list of states that not only regulate biometric data but provide consumers with the opportunity to seek hefty statutory damages and attorney’s fees from offending businesses. Similar to Illinois’ oft-litigated Biometric Information Privacy Act (“BIPA”), both bills would also (i) require written consent prior to the collection of biometric information; (ii) impose BIPA-like security measures, and (iii) mandate specific retention criteria, as described below.
Continue Reading Maryland and California Propose Biometric Privacy Legislation that Would Include Illinois-Like Private Rights of Action

In preparation for the California Privacy Rights Act (CPRA), effective January 1, 2023, the California AG Rob Bonta has been actively enforcing the California Consumer Privacy Act (CCPA) and providing updated guidance for consumers and businesses. The AG recently held a press conference to discuss enforcement proceedings brought by his office over the last year

Virginia’s governor, Ralph Northam, signed the Virginia Consumer Data Protection Act (CDPA) into law on March 2, 2021. The CDPA is set to take effect on January 1, 2023, and is the second most comprehensive consumer privacy law to be enacted in the United States behind the California Consumer Privacy Act (CCPA), recently amended by