Author: PBA Cybersecurity and Data Privacy

The Pennsylvania Cybersecurity and Data Privacy Committee analyzes cybersecurity issues and educates PBA members about legal, regulatory and industry standards that preserve the confidentiality of protected information.

Pitfalls of Keystroke Recording in Light of Pennsylvania’s Wiretap Statute

By Lauren E. Kirchner, Firstrust Bank   Businesses across Pennsylvania, and indeed, outside of Pennsylvania, are behooved to stay apprised of recent litigation filed against two companies under the Pennsylvania Wiretapping and Electronic Surveillance Control Act of 1978 (“WESCA”) (18 Pa. C.S.A. §§ 5701 et seq.). In Popa v. Harriet Carter Gifts, Inc. et al.
Read More »

First CCPA Enforcement Action Sheds Light on Definition of “Sale of Data”

California Attorney General Rob Bonta announced the state’s first California Consumer Protection Act (CCPA) enforcement action this week. The Office of the Attorney General (OAG) released their proposed final judgment and permanent injunction against Sephora, stating that Sephora not only violated the CCPA’s “Do Not Sell” provisions and ignored Global Privacy Control (GPC) signals, but
Read More »

FTC Publishes ANPR for Public Comment on Commercial Surveillance and Harmful Data Security Practices

On August 22nd, the Federal Trade Commission (FTC) filed an Advanced Notice of Proposed Rulemaking (ANPR) to the Federal Register, starting the 60-day public comment period. The ANPR was published to “request public comment on the prevalence of commercial surveillance and data security practices that harm consumers.” Spanning 95 questions, the enumerated list of topics
Read More »

Updated DHHS OCR Guidance on Health Information Privacy After Dobbs

Medical providers across the United States have been scrambling to make sense of their professional responsibilities and corresponding liability risks in the wake of the Supreme Court’s ruling on Dobbs v. Jackson Women’s Health Organization. As was discussed here previously, the decision threatens to undermine the healthcare system as a whole, jeopardizing health information privacy
Read More »

One Step Closer to Federal Data Privacy Law Reform: H.R. 8152, the American Data Privacy and Protection Act (ADPPA)

Several bills have been under consideration by legislators in Washington, D.C., and the US Federal Privacy Legislation Tracker (hosted at IAPP) is a good starting point for those looking to get caught up. There have been several bills, but the major ones under deliberation have been the Consumer Data Privacy and Security Act of 2021
Read More »