On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill No. 332, “An Act concerning online services, consumers, and personal data” (“SB 332”). New Jersey is the fourteenth state to pass a comprehensive consumer privacy bill, and the obligations and rights created by SB 332 follow the format used in a growing number of states that have passed comprehensive consumer privacy laws.
Scope and Exemptions
SB 332 imposes obligations on “controllers” – entities or individuals that determine the purpose and means of processing personal data – that ...
There are cybersecurity lessons to be learned from high profile data breaches and the ensuing regulatory responses. The recent well-publicized Twitter hack is no different. According to the New York State Department of Financial Services (“NYSDFS”) investigation and report, on July 15, 2020, a 17-year old hacker and his accomplices easily misled Twitter’s employees into disclosing their credentials resulting in a breach of Twitter’s network and the hackers’ takeover of accounts assigned to high-profile users in just a 24-hour period. The NYSDFS concluded that ...
Blog Editors
Recent Updates
- State AGs in Action: Health Care Enforcement in 2026 – Speaking of Litigation Video Podcast
- The DOJ’s New Corporate Enforcement Policy: A Familiar but Now Nationally Unified Framework for Voluntary Self-Disclosure
- The Case Was Settled, but ChatGPT Thought Otherwise: A Dispute Poised to Define AI Legal Liability
- “Claude Is Not an Attorney”: Individuals Risk Abandoning the Attorney-Client Privilege and Attorney Work-Product Doctrine When Consulting AI
- Prediction Markets v. State Gaming Laws: The Kalshi Litigation Gamble