Swig Security Review 2019: Part I
From keynote speaker controversies, to hacktivism of a Google Chromecast variety, the year in infosec has certainly been a test of what divides us can only make us stronger – plus bugs, and lots of them.
[...]
David Oberly, associate at U.S. law firm Blank Rome
“By far, the most significant development of 2019 in the area of US privacy law pertains to the flurry of activity that transpired surrounding the California Consumer Privacy Act (CCPA), which goes into law at the beginning of next year.
In particular, two key developments took place with respect to the CCPA in 2019, both of which will substantially impact businesses’ CCPA compliance obligations for years to come.
First, the CCPA’s long-awaited amendments were finalized and signed into law. The amendments are a critical piece to the CCPA compliance puzzle, as they provide important clarification on ambiguous aspects of the law, while at the same time lessening the compliance burden on covered entities to some extent through the addition of several new exemptions.
Second, the California attorney general also issued its much-anticipated draft CCPA Regulations, which not only clear up some additional significant ambiguities, but also extend covered businesses’ compliance obligations well beyond the text of the CCPA itself.
Combined, companies have finally been afforded a clear, complete picture as to the full scope of requirements that must be adhered to in connection with this first-of-its-kind privacy law beginning at the start of next year.
The CCPA is the first of a coming tsunami of state-level privacy laws which, together, will radically shift how businesses collect, use, and protect personal data.”
"Swig Security Review 2019: Part I," by Catherine Chapman was published in The Daily Swig on December 23, 2019.