[co-author: Gabriella Manduca]
On March 2, 2021, Virginia Gov. Ralph Northam signed into law the Virginia Consumer Data Protection Act (CDPA), making Virginia the second state after California to enact comprehensive privacy legislation. The CDPA will become effective on January 1, 2023, the same day the California Privacy Rights Act (CPRA) comes into effect, replacing the current California Consumer Privacy Act (CCPA), which went into effect in 2020.
The new Virginia law draws on concepts from the European Union’s General Data Protection Regulation (GDPR) (such as the use of “controllers” and “processors”) and from California’s laws (such as the rights of consumers). The net result will be a more complicated privacy compliance environment for companies that will be further exacerbated if additional states enact their own “similar but different” approaches to privacy law.
Virginia Consumer Data Protection Act Series: Consumer Rights | Troutman Pepper
jdsupra.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from jdsupra.com Daily Mail and Mail on Sunday newspapers.
What is Global Privacy Control? Here s what you need to know
businessinsider.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from businessinsider.com Daily Mail and Mail on Sunday newspapers.
Enterprises can invest in state of the art threat defenses like next-gen firewalls, microsegmentation and zero trust tools, but even the very best tools assume that data breaches happen and aim to limit the damage. And sending and receiving data creates the potential for even further vulnerabilities because attackers can intercept data transfers.
Once attackers gain access to a network or data in transit, the best course of action to protect sensitive information is to make it indecipherable. This is done with encryption software that protects information stored, received and sent. Data secured with encryption can only be accessed using a password, adding an extra, vital layer of security.
Advertisement
Federal Court Finds the California Consumer Privacy Act (CCPA) Does Not Apply Retroactively, Dismissing Claims Against Walmart Stemming from an Alleged Data Breach Wednesday, March 10, 2021
A federal District Court in California recently dismissed a lawsuit against Walmart that arose from an alleged data breach. (
Gardiner v. Walmart, Inc., 20-cv-04618-JSW (N.D. Cal., March 5, 2021). Among other things, the court determined that California’s Consumer Privacy Act (CCPA) does not apply retroactively, dismissing the CCPA claim because the plaintiff had not specified the date of the alleged breach.
According to the allegations of the complaint, the plaintiff had provided certain personal identifying information (PII) to Walmart, including credit card information, when he created an online account. Plaintiff claimed that Walmart has been targeted numerous times by individuals who have hacked its website and its customers’ computers, and that the hackers p