• The EU GDPR and The BorgFebruary 19, 2019

    For those of a certain generation the concept of “The Borg” invokes a seemingly inevitable force that pulls opponents into the “Collective” through a process of assimilation. According to the inestimable source, Wikipedia, the purpose of the Borg was to achieve perfection. This is a very brief post today to get that thought into your head and to see how we in the US – whether we like it or not –will be assimilated, directly or indirectly. Arguably the ‘direct’ method of assimilation would be... more

  • California Enacts First U.S. Law Requiring IoT CybersecurityFebruary 12, 2019

    “Smart” devices have become common, if not pervasive, experiences of daily life.  Parents may monitor a baby’s heart rate and oxygen levels through sensor enabled baby socks.  Businesses may equip fleet drivers with smart hats that measure alertness to monitor for accident-causing driver fatigue.  Yogis can utilize yoga clothing with integrated sensors that provides vibrating position correcting feedback to enhance their practice and experience completely virtual guided yoga.  Beachgoers can monitor UV exposure through integrated monitoring sensors in their swimsuits.  These types of devices comprise... more

  • Washington State Potentially Joins California with Broad Privacy LegislationFebruary 05, 2019

    If nature abhors a vacuum, then apparently so too does legislation. Between the EU General Data Protection Regulation and the still-evolving California Consumer Privacy Act (CCPA), there has been much discussion amongst us privacy wonks as to whether this is the time for a comprehensive federal privacy law to succeed. Whether this is the future, state legislatures are not standing by waiting patiently for Congress to act. On January 17th, Washington State legislators introduced Senate Bill 5376 (with a companion bill introduced concurrently in the... more

  • When Biometric Laws BiteJanuary 29, 2019

    Amongst the flurry of activity in the privacy space recently, there have been two particular trends that businesses need to monitor. The first is the state by state expansion of what constitutes personal information. A decade ago, most state laws emphasized an individual’s name in conjunction with a Social Security Number, a driver’s license, or some kind of financial account details. Now, at least with respect to breach reporting, state laws encompass insurance details, genetic information, biometrics, and potentially email addresses. This expansion of what... more

  • Massachusetts Expands Its Breach Notification Requirements: Are You Ready?January 22, 2019

    As of April 11, 2019, Massachusetts data breach victims will be entitled to enhanced rights and protections under An Act Relative To Consumer Protection From Security Breaches. Any company that deals with the personal information of Massachusetts residents should be mindful of these regulatory changes and update its data security policies and practices—importantly, including its required Written Information Security Program—to reflect these changes in advance of the April 11, 2019 effective date. Highlights of the regulatory change include: Effective April 11, 2019 Data Breach Regulations... more

Email Confirmation

Thank you for your interest in Burns & Levinson LLP. Please be aware that unsolicited e-mails and information sent to Burns & Levinson though our web site will not be considered confidential, may not receive a response, and do not create an attorney-client relationship with Burns & Levinson. If you are not already a client of Burns & Levinson, do not include anything confidential or secret in this e-mail. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not authorized to do so.

By clicking "OK" you acknowledge that, unless you are a current client, Burns & Levinson does not have any obligation to maintain the confidentiality of any information you send us.