top of page

Legal Tech News and Events: September 5, 2022


California's first CCPA settlement over privacy violations and new federal guidance on supply chain security for software developers.

September 5, 2022


Regulation: California Attorney General Announces First CCPA Settlement


California's Attorney General issued a statement for the first public settlement by the Office of the Attorney General (OAG) in regard to the California Consumer Privacy Act (CCPA). According to the OAG, a global beauty brand allegedly failed to disclose to its consumers that it was selling personal information, failed to process requests from users to opt-out of sale via user-enabled Global Privacy Control (GPC), do not have browser signals in violation of the CCPA, and non-action for the alleged violations within the 30-day period from the date the notice which is the allowed time by the CCPA.


OAG announced the details of the settlement, the company agreed to pay the penalty amounting to US$1.2 million and other specific requirements for compliance which include:


  • A clear statement that it sells data on its online disclosure and privacy policy.

  • Option for users to opt out of the sale of personal information, including via the Global Privacy Control

  • Change its service provider agreements to comply with CCPA

  • Provide reports to the OAG for the sale of personal information, the status of its service provider relationships, and its efforts to honor Global Privacy Control


Cybersecurity: Federal Agencies Released Supply Chain Security Guidance for Developers


With the growing risk in cybersecurity, federal agencies including the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) have released a report to guide software developers. Securing the Software Supply Chain for Developers created via the public-private working group Enduring Security Framework (ESF) aims to develop and issue cybersecurity recommendations and mitigations.


The report provides real-life cases and processes like the Secure Software Development Process, common threats, Security test plans, and detailed action plans.


InfiniGlobe helps legal departments maximize their technology investments with simple and useful technology. Discuss your goals or suggestions, email us at info@infiniglobe.com or call us (833) LGL-TECH

תגובות


What Else Are You Interested In?.

We love research and would be happy to share our finding with you.

bottom of page