May 132021
 May 13, 2021  Posted by  Laws, U.S.

Damon W. Silver and Gregory C. Brown Jr. of JacksonLewis write:

As we noted in our last post, there has been a flurry of data privacy and security activity in New York, with the State appearing poised to join California as a leader in this space.  Most recently, on April 29, 2021, the New York City Council passed the Tenant Data Privacy Act (“TDPA”), which would impose on owners of “smart access” buildings obligations related to their collection, use, safeguarding, and retention of tenant data.

Under the TDPA, a “smart access” building is one that uses electronic or computerized technology (e.g., a key fob), radio frequency identification cards, mobile phone applications, biometric information (e.g., fingerprints, voiceprints, hand or face geometry), or other digital technology to grant entry to the building, or to common areas or individual dwelling units therein.

Read more on Workplace Privacy, Data Management & Security Report

May 132021
 May 13, 2021  Posted by  Business, Laws, Online, U.S., Youth & Schools

Hunton Andrews Kurth writes:

On May 11, 2021, Senators Edward Markey (D-MA) and Bill Cassidy (R-LA) introduced the Children and Teens’ Online Privacy Protection Act (the “Bill”). The Bill, which would amend the existing Children’s Online Privacy Protection Act (“COPPA”), would prohibit companies from collecting personal information from children ages 13 to 15 without their consent.

The expanded consent standard would apply where companies “reasonably know” that children are on their platforms.

Read more on Privacy & Information & Security Law Blog.

May 122021
 May 12, 2021  Posted by  Laws, Non-U.S.

GATINEAU, QC, May 11, 2021 – A bill aimed at modernizing Canada’s outdated private sector privacy law would be “a step back overall” from the current law and needs significant changes if confidence in the digital economy is to be restored, the federal Privacy Commissioner says.

At the request of the House of Commons Standing Committee on Access to Information, Privacy and Ethics (ETHI), Commissioner Daniel Therrien has shared his submission on Bill C-11, the federal government’s proposed new private sector privacy law. In the submission, he notes, the bill is frequently misaligned and less protective than the laws of other jurisdictions.

“The bill would give consumers less control and organizations more flexibility in monetizing personal data, without increasing their accountability,” Commissioner Therrien says. “Furthermore, the penalty scheme is unjustifiably narrow and protracted.”

The Commissioner also noted the Office of the Privacy Commissioner of Canada (OPC) would be subject to several constraints when it needs more flexible tools to achieve its mandate in a difficult and rapidly changing environment.

“Privacy is not an impediment to innovation. On the contrary, legislation that effectively protects privacy can contribute to economic growth by providing consumers the confidence that their rights will be respected,” he says. “Many countries with strong privacy laws are also leaders in innovation.”

The submission sets out some 60 recommendations aimed at ensuring the Bill enhances privacy protections for Canadians while enabling responsible innovation for businesses.

Read more of the press release to read about the Privacy Commissioner of Canada’s concerns.

May 122021
 May 12, 2021  Posted by  Business, Laws, U.S.

Damon Silver and Melissa Pascualini of JacksonLewis write:

Effective July 9, 2021, certain retail and hospitality businesses that collect and use “biometric identifier information” from customers will need to post conspicuous notices near all customer entrances to their facilities.  These businesses will also be barred from selling, leasing, trading, sharing or otherwise profiting from the biometric identifier information they collect from customers.  Customers will have a private right of action to remedy violations, subject to a 30-day notice and cure period, with damages ranging from $500 to $5,000 per violation, along with attorneys’ fees.

These new requirements, which are set forth in an amendment to Title 22 of the NYC Admin. Code (the “Amendment”), apply to “commercial establishments,” a three-pronged category that includes:

  1. Food and drink establishments: Establishments that give or offer for sale to the public food or beverages for consumption or use on or off the premises, or on or off a pushcart, stand or vehicle.
  2. Places of entertainment: Privately or publicly owned and operated entertainment facilities, such as a theaters, stadiums, arenas, racetracks, museums, amusement parks, observatories, or other places where attractions, performances, concerts, exhibits, athletic games or contests are held.
  3. Retail stores: Establishments wherein consumer commodities are sold, displayed or offered for sale, or where services are provided to consumers at retail.

Read more on Workplace Privacy, Data Management & Security Report.