state privacy law workshop
play

State Privacy Law Workshop May 6, 2020 Libbie Canter, Kate Goodloe - PowerPoint PPT Presentation

Mar 03, 2023 •515 likes •1.07k views

State Privacy Law Workshop May 6, 2020 Libbie Canter, Kate Goodloe and Maggie Martin Presenters Libbie Canter Kate Goodloe Maggie Martin ECanter@cov.com m aggie.m artin@capitalone.com kateg@bsa.org 2 Agenda Comprehensive Privacy Laws

  1. State Privacy Law Workshop May 6, 2020 Libbie Canter, Kate Goodloe and Maggie Martin

  2. Presenters Libbie Canter Kate Goodloe Maggie Martin ECanter@cov.com m aggie.m artin@capitalone.com kateg@bsa.org 2

  3. Agenda  Comprehensive Privacy Laws  Where Are We?  The Substance  The Battlegrounds  Other Privacy Topics  Biometrics  IoT  Artificial Intelligence  Health and Genetic Privacy  Cybersecurity 3

  4. Part I Comprehensive Privacy Laws 4

  5. Where Are We? 5

  6. 2019 Privacy Proposals Introduced Passed one chamber Task force or study formed Signed into law ffsdf 6

  7. 2020 Privacy Proposals Introduced Passed one or more chamber Hearings held Signed into law Ballot initiative ffsdf 7

  8. The Battle in Washington State 8

  9. The Battle in Washington State 9

  10. Coronavirus Impact 10

  11. The Substance 11

  12. Key Battleground Issues  Enforcement, including private right of action  Scope of personal information covered  How “identifying” is it? To whom?  Application to employee and household data  Exclusions for de-identified or pseudonymous data  Exemptions for federally regulated entities 12

  13. Key Battleground Issues  Scope of rights with regard to sharing of data  Rights with respect to targeted advertising  Right to opt out of any disclosure of personal information  Additional consumer rights  “Other” issues (e.g. facial recognition)  Distinguishing between “controllers”/businesses and “processors”/third parties or service providers 13

  14. Key Legislative Models 14

  15. Minnesota HF 3096 Factors Content of Law Personal Data Covered All state residents  Transparency  Access Rights  Deletion  Opt-out from sale Sale/Disclosure Restrictions Other Rights Non-discrimination Accountability Other Features Enforcement AG & PROA 15

  16. New Hampshire HB 1680 Factors Content of Law Personal Data Covered All state residents  Transparency  Access Rights  Deletion  Opt-out from sale (opt-in for minors) Sale/Disclosure Restrictions Other Rights Accountability Other Features Enforcement AG only (except PRA for data breaches) 16

  17. Connecticut SB 134 Factors Content of Law Personal Data Covered All state residents  Transparency  Access Rights  Deletion  Opt-out from sale (opt-in for minors) Sale/Disclosure Restrictions Other Rights Accountability Other Features Enforcement AG only (except PRA for data breaches) 17

  18. Nebraska LB 746 Factors Content of Law Personal Data Covered Employee/B2B exceptions  Transparency  Access Rights  Deletion  Opt-out from sale (opt-in for minors) Sale/Disclosure Restrictions Other Rights Accountability Other Features Enforcement AG only 18

  19. Illinois SB 3299/ HB 5603 Factors Content of Law Personal Data Covered All state residents  Transparency  Access Rights  Deletion  Opt-out from sale Sale/Disclosure Restrictions Other Rights Accountability Other Features Enforcement AG only 19

  20. Arizona SB 1614 Factors Content of Law Personal Data Covered All consumers when any aspect of commercial conduct takes place in AZ  (but only if business sells data) Transparency  Access Rights  Deletion  Opt-out from sale (opt-in for minors) Sale/Disclosure Restrictions Other Rights Accountability Other Features HCR 2013 expresses preference for federal standard Enforcement AG only (except PRA for data breaches) 20

  21. Maryland SB 957 Factors Content of Law Personal Data Covered Employee/B2B exceptions  Transparency  Access Rights  Deletion  Opt-out from sale and disclosure Sale/Disclosure Restrictions Other Rights Accountability Other Features Enforcement AG, PRA (violation of CPA) 21

  22. Illinois SB 2330 Factors Content of Law Personal Data Covered Employee exception  Transparency  Access Rights  Deletion  Opt-out from sale and disclosures Sale/Disclosure Restrictions  Correction and opt out of processing Other Rights Accountability Risk assessments Other Features Enforcement AG only (except PRA for data breaches) 22

  23. Massachusetts S. 120 Factors Content of Law Personal Data Covered Narrow Employee Exception  Transparency  Access Rights  Deletion  Opt-out from third-party disclosure Sale/Disclosure Restrictions Other Rights Accountability Other Features Prohibits disclosure of PI if a business knows/willfully disregards under 18 Enforcement AG Enforcement & PRA 23

  24. Florida SB 1670 Factors Content of Law Personal Data Covered Employee/B2B exceptions  Transparency  (contemplated, but not clear) Access Rights Deletion X  Opt-out from sale Sale/Disclosure Restrictions  Correction right contemplated Other Rights Accountability Other Features Enforcement Dep’t of Legal Affairs only (no PRA) 24

  25. Louisiana HB 617, HB 654 Factors Content of Law Personal Data Covered All state residents  Transparency  Access Rights Deletion X  Opt-out from sale Sale/Disclosure Restrictions  Correction right contemplated Other Rights Accountability Other Features Restrictions on use of public records data for marketing/solicitations Enforcement DOJ only 25

  26. Washington PSSB 6281 Factors Content of Law Personal Data Covered Commercial/Employment exceptions  Transparency  Access Rights  Deletion  Opt out of sale Sale/Disclosure Restrictions  Rights to correction; opt out of targeted Other Rights advertising and profiling Accountability Data protection assessments Other Features Facial recognition regulation Enforcement Initially AG only; PRA added 26

  27. Wisconsin AB 870, 871, 872 Factors Content of Law Personal Data Covered All Wisconsin residents  Transparency  Access Rights  Deletion Sale/Disclosure Restrictions Via right to restrict processing  Right to restrict processing and Other Rights nondiscrimination Accountability Recordkeeping requirements Other Features Requires basis to process personal data; further limits sensitive personal data Enforcement AG only 27

  28. Arizona HB 2729 Factors Content of Law Personal Data Covered Employee/B2B exceptions  Transparency  Access Rights  Deletion  Opt out of sale Sale/Disclosure Restrictions  Rights to correction; restriction of Other Rights processing Accountability Other Features Enforcement AG only 28

  29. Minnesota SF 2912 Factors Content of Law Personal Data Covered Employee exception  Transparency  Access Rights  Deletion  Objection to targeted advertising Sale/Disclosure Restrictions (includes sale)  Objection to Processing, Rectification, Other Rights Profiling Accountability Risk Assessments Other Features Enforcement AG only 29

  30. Virginia HB 473 Factors Content of Law Personal Data Covered Employee/B2B exceptions  Transparency  Access Rights  Deletion  Opt out of sale for targeted ads Sale/Disclosure Restrictions  Rights to correction and to object to Other Rights processing and/or targeted advertising Accountability Risk assessments Other Features Enforcement Broad PRA 30

  31. New York Privacy Act – S 5642 Factors Content of Law Personal Data Covered Broad definition, but excludes employees and contractors  Privacy notice Transparency  Access, Correction, Deletion, Restrict Consumer Rights processing, Portability, Object to processing, Profiling restriction  Opt-in (sale and processing) Sales/ Disclosure Restrictions  Likely an indirect requirement Accountability Other Features No minimum company revenue threshold, Fiduciary duty, Pass through Enforcement AG, PRA: injunction/ damages (+atty’s fees) 31

  32. Vermont H. 899 Factors Content of Law Personal Data Covered Not clearly defined  (must include monetary value of data) Transparency Access Rights X  (social networking services only) Deletion Sale/Disclosure Restrictions X Other Rights Accountability Other Features Facial recognition restrictions Enforcement AG only 32

  33. Rhode Island H. 7778 Factors Content of Law Personal Data Covered All State Residents  Transparency Access Rights X Deletion X Sale/Disclosure Restrictions X Other Rights X Accountability X Other Features Enforcement AG only 33

  34. Uniform Law Commission ULC – Timeline Winter/Spring 2020 Drafting sessions Summer 2020 First reading draft to full ULC Summer 2021 Final draft to full ULC Summer 2022 Available for adoption by states 34

  35. Uniform Law Commission Factors Content of Law Personal Data Covered Excludes employees  + “privacy commitment” Transparency  Access, Correction, Deletion, Confirmation Consumer Rights of Processing Sales/ Disclosure Restrictions Opt-out of targeted advertising, profiling Accountability Privacy impact assessments, privacy officers Other Features Duties of: loyalty, data minimization, purpose limitation, nondiscrimination, data security Enforcement AG, PRA 35

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

pp W3C Privacy Workshop in Berlin 2014-11-21 W3C Privacy Workshop in Berlin 2014-11-21 pretty

pp W3C Privacy Workshop in Berlin 2014-11-21 W3C Privacy Workshop in Berlin 2014-11-21 pretty

pp W3C Privacy Workshop in Berlin 2014-11-21 W3C Privacy Workshop in Berlin 2014-11-21 pretty Easy privacy pretty Easy privacy Landscape of Messaging Solutions Voltage Datamotion Symantec Echoworx Totemo TrendMicro Peanut SMS

982 views • 15 slides
From Privacy To Opacity - Digital Me Management W3C Workshop - Privacy for Advanced Web APIs I

From Privacy To Opacity - Digital Me Management W3C Workshop - Privacy for Advanced Web APIs I

From Privacy To Opacity - Digital Me Management W3C Workshop - Privacy for Advanced Web APIs I am ? Karl Dubost Network Global Instantaneous Replicated Permanent ACCESS AND Traces lead to Patterns Privacy is cultural Robots.txt

287 views • 12 slides
The Privacy of Secured Computations Adam Smith Penn State Crypto & Big Data Workshop

The Privacy of Secured Computations Adam Smith Penn State Crypto & Big Data Workshop

The Privacy of Secured Computations Adam Smith Penn State Crypto & Big Data Workshop Relax it can only December 15, 2015 see metadata. Cartoon: 1 Big Data Every <length of time> your <household object> generates

832 views • 55 slides
Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy Alexandra Wood Berkman Klein Center for Internet & Society at Harvard University DIMACS/Northeast Big Data Hub Workshop on Overcoming Barriers to

964 views • 54 slides
PriBots Conversational Privacy with Chatbots Hamza Harkous 1 , Kassem Fawaz 2 , Kang. G. Shin 2 ,

PriBots Conversational Privacy with Chatbots Hamza Harkous 1 , Kassem Fawaz 2 , Kang. G. Shin 2 ,

PriBots Conversational Privacy with Chatbots Hamza Harkous 1 , Kassem Fawaz 2 , Kang. G. Shin 2 , Karl Aberer 1 1 EPFL; 2 University of Michigan Workshop on the Future of Privacy Notices and Indicators, SOUPS 2016 Privacy Notice: Current State 2

708 views • 50 slides
Making Privacy a Fundamental Component of Web Resources Paper presentation at W3C Workshop on

Making Privacy a Fundamental Component of Web Resources Paper presentation at W3C Workshop on

Making Privacy a Fundamental Component of Web Resources Paper presentation at W3C Workshop on Privacy for Advanced Web APIs July 12/13, 2010, London Dr. Thomas Dbendorfer thomas.duebendorfer@google.com Tech Lead, Privacy Engineering Team

350 views • 13 slides
K Anonymity Dagstuhl Workshop Federated Semantic 8 Data Management, June 2017 4 27.06.2017

K Anonymity Dagstuhl Workshop Federated Semantic 8 Data Management, June 2017 4 27.06.2017

27.06.2017 Schutz der Privatsphre (WS15/16) Introduction to Privacy (Part 1) You have zero privacy. Get over it. Scott McNealy, 1999 Privacy, k anonymity, and differential privacy Johann Christoph Freytag Humboldt-Universitt zu

457 views • 11 slides
Privacy Enhancing T echnologies Carmela Troncoso, Gradiant PRIPARE Workshop on Privacy by Design

Privacy Enhancing T echnologies Carmela Troncoso, Gradiant PRIPARE Workshop on Privacy by Design

T rialog, Atos, T rilateral, Inria , AUP, Gradiant, UPM, UUlm, Fraunhofer SIT, WIT , KU Leuve Privacy Enhancing T echnologies Carmela Troncoso, Gradiant PRIPARE Workshop on Privacy by Design Ulm 9 th -10 th March 2015 11/03/2015 Privacy

668 views • 48 slides
Interaction of RFID Technology and Public Policy Presentation at RFID Privacy Workshop @ MIT

Interaction of RFID Technology and Public Policy Presentation at RFID Privacy Workshop @ MIT

Interaction of RFID Technology and Public Policy Presentation at RFID Privacy Workshop @ MIT 15 TH November 2003 By Rakesh Kumar Wipro Technologies India Privacy Consumers Perspective Privacy can be defined as customers ability to

284 views • 17 slides
Privacy Invasions in Ubicomp Marc Langheinrich ETH Zurich http://www.inf.ethz.ch/~langhein/

Privacy Invasions in Ubicomp Marc Langheinrich ETH Zurich http://www.inf.ethz.ch/~langhein/

Privacy Invasions in Ubicomp Marc Langheinrich ETH Zurich http://www.inf.ethz.ch/~langhein/ Privacy Workshop, Ubicomp 2002 Helpful Concepts Privacy Workshop, Ubicomp 2002 ! Privacy Boundaries When do people feel their privacy is being

262 views • 9 slides
How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and

How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and

How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and Security Conference Privacy and Security by Choice, not Chance Afternoon Workshop Wednesday February 3, 2016 Victoria, B.C. Canada Gerry Bliss

1.11k views • 63 slides
2016 International Workshop on Privacy Engineering IWPE 16 Tools in support of

2016 International Workshop on Privacy Engineering IWPE 16 Tools in support of

2016 International Workshop on Privacy Engineering IWPE 16 Tools in support of privacy engineering methodologies Tools for privacy communications Aleecia M. McDonald, PhD Non-resident Fellow, Stanford Center for Internet &

902 views • 15 slides
Privacy in the Smartphone Age Di Ma NSF US/Mid-East Workshop on Trustworthiness in Emerging

Privacy in the Smartphone Age Di Ma NSF US/Mid-East Workshop on Trustworthiness in Emerging

Privacy in the Smartphone Age Di Ma NSF US/Mid-East Workshop on Trustworthiness in Emerging Distributed Systems and Networks June 4-6, 2012 Istanbul, Turkey The issue Privacy in the smartphone age I s important because smartphones

233 views • 6 slides
Secure Genome me Analysis The privacy workshop is jointly

Secure Genome me Analysis The privacy workshop is jointly

The 2 nd Compe,,on on Cri,cal Assessment of Data Privacy and Protec,on Secure Genome me Analysis The privacy workshop is jointly sponsored by iDASH (U54HL108460) and

721 views • 53 slides
W3C Workshop on Privacy for Advanced Web APIs 12-13 July, 2010 I. Krontiris, A. Albers,

W3C Workshop on Privacy for Advanced Web APIs 12-13 July, 2010 I. Krontiris, A. Albers,

W3C Workshop on Privacy for Advanced Web APIs 12-13 July, 2010 I. Krontiris, A. Albers, K. Rannenberg Chair of Mobile Business Goethe University Frankfurt ... location privacy ... 2 Location Privacy the

473 views • 18 slides
Use cases from the perspective of Deutsche Telekom's Group Privacy W3C Workshop on Privacy and

Use cases from the perspective of Deutsche Telekom's Group Privacy W3C Workshop on Privacy and

Use cases from the perspective of Deutsche Telekom's Group Privacy W3C Workshop on Privacy and data usage control public Frank Wagner / Use cases from the perspective of Deutsche Telekom's Group Privacy 24.09.2010 1

464 views • 15 slides
UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko https://arstechnica.com/information-technology/2012/11/mushrooming-growth-of-ransomware- extorts-5-million-a-year/

298 views • 13 slides
Deleting an edge 5. Deletioncontraction and graph polynomials For a graph G and e E ,

Deleting an edge 5. Deletioncontraction and graph polynomials For a graph G and e E ,

S-72.2420 / T-79.5203 The deletioncontraction algorithm and graph polynomials 1 S-72.2420 / T-79.5203 The deletioncontraction algorithm and graph polynomials 3 Deleting an edge 5. Deletioncontraction and graph

199 views • 9 slides
Performance Improvement of Btrfs Miao Xie <miaox@cn.fujitsu.com> Li Zefan

Performance Improvement of Btrfs Miao Xie <miaox@cn.fujitsu.com> Li Zefan

Performance Improvement of Btrfs Miao Xie <miaox@cn.fujitsu.com> Li Zefan <lizf@cn.fujitsu.com> Agenda Comparison between Btrfs and Ext3/4 Issue analysis (We have investigated) Small file sequential read Large file

785 views • 36 slides
Fundamental Algorithms Chapter 9: Hash Tables Dirk Pfl uger Winter 2010/11 D. Pfl uger:

Fundamental Algorithms Chapter 9: Hash Tables Dirk Pfl uger Winter 2010/11 D. Pfl uger:

Technische Universit at M unchen Fundamental Algorithms Chapter 9: Hash Tables Dirk Pfl uger Winter 2010/11 D. Pfl uger: Fundamental Algorithms Chapter 9: Hash Tables, Winter 2010/11 1 Technische Universit at M unchen

247 views • 20 slides
Stacks, Queues, and Deques Stacks, Queues, and Deques A stack is a last in, first out (LIFO)

Stacks, Queues, and Deques Stacks, Queues, and Deques A stack is a last in, first out (LIFO)

Stacks, Queues, and Deques Stacks, Queues, and Deques A stack is a last in, first out (LIFO) data structure Items are removed from a stack in the reverse order from the way they were inserted A queue is a first in, first out (FIFO)

480 views • 28 slides
Rucio overview rucio-dev@cern.ch Overview Rucio in a nutshell Initially developed by the

Rucio overview rucio-dev@cern.ch Overview Rucio in a nutshell Initially developed by the

Rucio overview rucio-dev@cern.ch Overview Rucio in a nutshell Initially developed by the ATLAS experiment Provides services and libraries for scientific collaborations/experiments/communities Designed with more than 10 years of

390 views • 25 slides
Sequence Alignment: A General Overview COMP 571 Luay Nakhleh, Rice University Life through

Sequence Alignment: A General Overview COMP 571 Luay Nakhleh, Rice University Life through

Sequence Alignment: A General Overview COMP 571 Luay Nakhleh, Rice University Life through Evolution All living organisms are related to each other through evolution This means: any pair of organisms, no matter how different, have a common

1.05k views • 36 slides
Bayesian Network Parameter Learning from Incomplete Data Guy Van den Broeck, Karthika Mohan,

Bayesian Network Parameter Learning from Incomplete Data Guy Van den Broeck, Karthika Mohan,

Efficient Algorithms for Bayesian Network Parameter Learning from Incomplete Data Guy Van den Broeck, Karthika Mohan, Arthur Choi, Adnan Darwiche, and Judea Pearl UCLA UAI 2015 Learning from Incomplete Data Input: data and BN structure

781 views • 48 slides

More recommend