Data Privacy & Cybersecurity

U.S. companies that collect and store sensitive personal data have until July 8, 2025 to comply with a new Department of Justice rule, known as the Data Security Program (“DSP”). What is the Data Security Program? The DSP prohibits U.S. companies from sharing bulk sensitive personal data with individuals or entities from countries identified as foreign adversaries, including but not limited to China, Russia, Cuba, Venezuela, and Iran (“Covered Person(s)”). Under the program, sensitive personal data is defined broadly and is not limited to traditional "PII", such as social security numbers and bank account information.  Instead, the DSP aims to protect a much broader scope of information, including but not limited to human genomic information, geolocation information, biometric and health information, and financial information. Additionally, the DSP applies to government-related data, including any precise geolocation data and sensitive personal data that a transacting party markets as linked or linkable to certain current or recent former U.S. government employees....

New Jersey’s comprehensive data privacy law goes into effect today, January 15, 2025.  The law gives New Jersey consumers greater control over their data and imposes significant obligations on businesses that collect and process such data.  Some of the obligations include publishing a privacy policy detailing the business’s data collection, processing, and disclosure practices, providing consumers with the option to opt-out of the collection and disclosure of their information, and entering into written data processing agreements with third-party vendors that will be accessing or processing personal information.  For more information about the law, please see our prior published client alerts here and here.  If you need assistance in evaluating your business’s privacy compliance or if you have any questions or would like more information on the issues discussed in this Alert, please contact Kate Sherlock in Archer’s Voorhees office at 856-673-3919 or ksherlock@archerlaw.com ...

On January 16, 2024, Governor Murphy signed legislation protecting New Jersey consumer privacy rights and data (S332/A1971). Under the legislation, website owners and online providers are required to notify their customers and website visitors of their data collection, processing, and disclosure practices, in addition to providing New Jersey consumers with the option to opt-out of collection and disclosure.  New Jersey is the 13th state to pass a comprehensive privacy law granting consumers greater control over their data. Below is a summary of the law’s key provisions....