The American Data Privacy and Protection Act (the “ADPPA”), a bill that would establish a comprehensive federal data privacy framework in the U.S., was formally introduced in the U.S. House of Representatives on June 21, 2022. Should the ADPPA become law, the United States will join the European Union and a handful of other countries such as Canada, Brazil, and New Zealand, in having a comprehensive data protection framework on a national level.

The U.S. Equal Employment Opportunity Commission (“EEOC”) is tasked with administrative enforcement of a variety of employment discrimination laws, including the Americans with Disabilities Act as amended (the “ADAAA”). The ADAAA prohibits discrimination against job applicants and employees based on “disabilities”, generally defined as a physical or mental impairment that substantially limits the individual in a major life activity. Employers of employees with a disability are required to provide disabled employee with a reasonable accommodation to enable the employee to perform the essential functions of their job, unless the reasonable accommodation would impose an undue hardship on the employer or in certain instances where the employee would still pose a direct threat to the health or safety of themselves or others that cannot be addressed by a reasonable accommodation. It is interesting, therefore, that the EEOC issued Technical Assistance on May 12, 2022 entitled The American with Disabilities Act and the Use of Software, Algorithms and Artificial Intelligence to Assess Job Applicants and Employees. The stated concern is that use of AI tools will disadvantage job applicants and employees with disabilities.  

The EEOC’s Technical Assistance is not law. It is not even regulation. But it does signal how the EEOC might deal with charges of discrimination brought by applicants and employees based on an employer’s use of AI. 

Connecticut Joins the State Comprehensive Data Privacy Law Bandwagon

On May 10, 2022, Connecticut became the fifth state in the U.S. to enact a comprehensive data privacy statute.

Effective July 1, 2023, the law imposes CCPA-like requirements on covered businesses. In scope and requirements, the law more closely mirrors Virginia’s and Colorado’s comprehensive privacy laws, effective January 1, 2023 and July 1, 2023, respectively. 

Effective July 1, 2022, owners of personally identifiable information on residents of Indiana must provide notice of a data breach no later than 45 days after discovering of the breach. Currently, Indiana’s data breach law requires notice of a breach “without unreasonable delay.” When the amendment goes into effect in July, the 45-day period will be the latest that notice can be given.

Utah is Fourth State to Pass Comprehensive Privacy Legislation

Utah recently became the fourth state in the United States, after California, Virginia and Colorado, to pass comprehensive privacy legislation. The Utah Consumer Privacy Act (the “UCPA”), passed by the Utah legislature as Senate Bill 227 and was signed by Governor Spencer Cox on March 24, 2022.

Invites to free webinars are not unsolicited advertisements, says Maryland federal court

The Telephone Consumer Protection Act (TCPA) prohibits sending an “unsolicited advertisement” to a fax machine, absent certain conditions. An “unsolicited advertisement” is “any material advertising the commercial availability or quality of any property, goods, or services which is transmitted to any person” without prior permission.

On its face, the TCPA’s definition seemingly would not include invitations to free seminars or webinars. However, in 2006 the Federal ...

The saga of the Capital One data breach, which impacted an estimated 106 million individuals in the U.S. and Canada, may soon be coming to an end. After more than two years of litigation, the parties have reached a settlement that would resolve existing and future consumer claims arising out of the 2019 breach which impacted Capital One customer information stored in the Amazon Web Services (AWS) cloud environment. If the settlement is approved, it will be one of the largest in any multidistrict data breach litigation.

California federal court rejects plaintiff’s attempt to circumvent Facebook

In April 2021, the Supreme Court dealt a massive blow to Telephone Consumer Protection Act claims based on automatic telephone dialing systems restrictions in its Facebook, Inc. v. Duguid ruling. You can read more about the Facebook decision here. In short, Facebook significantly narrowed the definition of “automatic telephone dialing systems,” thereby eliminating TCPA liability for voice calls—or text messages—produced by those systems. Facebook, however, did not limit liability for calls that used a prerecorded or artificial voice. But because text messages do not use prerecorded or artificial voices, Facebook was considered to largely (but not completely) wipe out TCPA liability for text messages.

Today the Supreme Court issued an order staying the OSHA Emergency Temporary Standard (ETS) that would have required all employers with 100 or more employees to enforce Covid-19 vaccination or testing requirements. 

On September 9, 2021, the Biden Administration issued a variety of measures designed to promote COVID-19 safeguards and decrease the spread of the COVID-19 virus. Such measures included two Executive Orders and President Biden’s COVID-19 Action Plan, all three of which greatly impact employers of varying sizes and industries.

About Data Points: Privacy & Data Security Blog

The technology and regulatory landscape is rapidly changing, thus impacting the manner in which companies across all industries operate, specifically in the ways they collect, use and secure confidential data. We provide transparent and cutting-edge insight on critical issues and dynamics. Our team informs business decision-makers about the information they must protect, and what to do if/when security is breached.

Stay Informed

* indicates required
Jump to Page

Subscribe To Our Newsletter

Stay Informed

* indicates required

By using this site, you agree to our updated Privacy Policy and our Terms of Use.