A useful summary of the patchwork of legislation across the US. My general advice for companies operating internationally is to take GDPR as your starting point, then look for specific enhancements by jurisdiction you operate in…:
A few weeks ago, Texas signed into law an amendment to its data breach law, capping off a busy first half of 2019 for state lawmakers in this arena. As we gear up for the second half of 2019, we thought a recap was worthwhile. The legislation reflects a number of trends, including increasing obligations on consumer reporting agencies (CRAs) to protect consumers (no doubt in part a reaction to the Equifax breach), and updating data breach notice and reporting to provide more transparency and more information to consumers to protect their data, and to update older laws to address developments in technology and risks.