With only three days left in the legislative session, and on the morning when my Op-Ed was published by the Tallahassee Democrat, the Florida Senate weighed in on the House’s passage of HB 969. There were two ways it could have done that: (1) take the House version sent to the Senate via messages and make changes to and vote on that version; or (2) ignore the version provided via messages and simply pass the pending version of SB 1734 in the Senate then send that version to the House via messages. It chose path #1. Moments ago, the Senate passed a strike-all amendment that struck the entirety of HB 969 and replaced it with a modified version of SB 1734. A separate post will discuss the modified version of SB 1734 in greater detail, but this post briefly explains where things stand now and what to expect next.
Continue Reading What Just Happened With Florida Privacy Legislation?
data privacy
Senate Version of Florida Privacy Law Moves Forward; House Version Makes Class-Action Lawsuits Even Easier
By Al Saikali on
The Florida Senate’s version of a new comprehensive privacy law (a.k.a. the “Florida Privacy Protection Act” (FPPA)) passed unscathed out of the Senate’s Committee on Commerce and Tourism yesterday. The bill’s sponsor fought off two proposed amendments: one that would have eliminated the private right of action and a second that would have required more than just a revenue threshold for the law to apply. This post describes what makes the FPPA more aggressive than the CCPA, it provides a summary of the Senate Committee hearing, and it shares some late-breaking news about the House version (HB 969).
Continue Reading Senate Version of Florida Privacy Law Moves Forward; House Version Makes Class-Action Lawsuits Even Easier
California AG Approves Additional CCPA Regulations
By Al Saikali on
Posted in CCPA
The California Attorney General has approved some modifications to regulations of the California Consumer Privacy Act (CCPA). The four new changes, which become effective today, are described by the California AG as follows:
Continue Reading California AG Approves Additional CCPA Regulations
Virginia’s Foray Into Comprehensive Privacy Law
By Colman McCarthy on
Posted in Data Privacy
The following post was prepared by guest contributor, my friend, my brother-in-arms, and newly-minted Partner in Shook’s Privacy and Data Security Practice, Colman McCarthy
Continue Reading Virginia’s Foray Into Comprehensive Privacy Law
Five Ways To Improve Florida’s Proposed Privacy Law
By Al Saikali on
The Florida Legislature is considering a comprehensive privacy law (HB 969) that would fundamentally change the landscape of how/whether companies do business in Florida. The bill is largely a “cut-and-paste” of the California Consumer Privacy Act (CCPA), but in some ways, it goes further than the CCPA and would make Florida’s law the most aggressive privacy law in the United States. As I have previously described, the bill would create significant privacy rights for Florida residents, including the right to know what personal information companies are collecting about them, the source of that information, how the information is being shared, a right to request a copy of that information, and a right to delete/correct that information. But the law goes too far – placing a crushing financial burden on most small and medium-sized businesses and creating a private right of action that dwarfs California’s version. This post analyzes the five most significant problems with HB 969 and proposes solutions.
Continue Reading Five Ways To Improve Florida’s Proposed Privacy Law
Florida Throws Its Hat Into the Privacy Ring, And It’s Looking A Lot Like California
By Al Saikali on
Yesterday, the Governor of Florida threw his support behind a newly introduced consumer data privacy bill (HB 969) which is very similar to the California Consumer Privacy Act of 2018. The Governor’s support is a significant development given that he and both chambers of the Florida Legislature are Republican and, to date, there has not been any aligned support for a privacy law since the Florida Information Protection Act (FIPA), Florida’s data breach notification law. Nevertheless, as with the CCPA, the bill proposes a boondoggle for the plaintiffs’ bar in the form of a private right of action for data breaches and statutory damages, which could present a significant obstacle to passage in the bill’s current form, particularly for a fairly business-friendly Florida Legislature.
Continue Reading Florida Throws Its Hat Into the Privacy Ring, And It’s Looking A Lot Like California
The Eleventh U.S. Circuit Weighs in on Data Breach Standing Issues
By Al Saikali on
Yesterday, in a 26-page opinion, the 11th U.S. Circuit Court of Appeals has weighed in on two important questions in the world of privacy and data breach litigation. First, does a plaintiff have standing where he was exposed to a substantial risk of future identity theft, even though there was no misuse of his information. The court’s answer is no. Second, what efforts to mitigate this risk does a plaintiff need to undertake to meet the standing requirement. Here, the court held that the plaintiff essentially manufactured his own injuries (wasted time, lost use of his preferred card, and lost credit card benefits) by voluntarily canceling his credit card, which is not enough to confer standing.
Continue Reading The Eleventh U.S. Circuit Weighs in on Data Breach Standing Issues