The Matrix
Photo of The Matrix Steven M. Wernikoff
Partner
Co-Leader, Data, Privacy, and Cybersecurity Group
Co-Leader, Autonomous Vehicles Group
swernikoff@honigman.com
312.701.9380
View Bio »

Showing 9 posts by Steven M. Wernikoff.

Requirements for Businesses under Virginia’s New Consumer Data Protection Act

March 3, 2021 Posted by Steven M. Wernikoff

With Governor Ralph Northam’s signature yesterday, the Consumer Data Protection Act (“CDPA”) became law, making Virginia the second state after California to enact a comprehensive privacy law (with apologies to Nevada, which also has passed more modest privacy legislation). Although similar in many respects to the California Consumer Privacy Act (“CCPA”), which was recently updated by the Consumer Privacy Rights Act (“CPRA”), the law contains terminology more consistent with the European Union’s General Data Protection Regulation (“GDPR”).  More

Eleventh Circuit Joins Courts That Have Declined to Find Standing Based on Alleged Substantial Risk of Identity Theft Resulting From a Data Breach

February 8, 2021 Posted by Steven M. Wernikoff

In Tsao v. Captiva MVP Restaurant Partners, LLC, the Eleventh Circuit joined the federal appellate courts holding that a consumer’s exposure to a substantial risk of future identity theft, and efforts to mitigate the risk of future identity theft, are not sufficient to confer Article III standing. The decision highlights federal court’s struggle with the standing requirements in a data breach case, and possibly raises the likelihood that the U.S. Supreme Court will address the issue. More

Ransomware On the Rise: Unwary Victims May Pay Twice

November 12, 2020 Posted by Steven M. Wernikoff, Jad Sheikali, CIPP/US

Given the speculation and concern over ransomware attacks impacting the 2020 U.S. election, the recent spate of private companies falling victim to such attacks, and the October 1, 2020 advisory issued by the Department of Treasury (“Advisory”), it is no surprise that ransomware is trending in cybersecurity. More

Federal U.S. Autonomous Vehicle Bill Would Update Safety Standards and Require Detailed Privacy and Cybersecurity Plans

November 2, 2020 Posted by Steven M. Wernikoff

On September 23, 2020, Representatives Bob Latta (R-Ohio) and Greg Walden (R-Ore.) re-introduced the “Safely Ensuring Lives Future Deployment and Research In Vehicle Evolution Act’’ or the ‘‘SELF DRIVE Act” to create a federal framework for autonomous vehicles (“AVs”).  The measure lacks bipartisan support and is not expected to reach the floor of the House of Representatives during this session.  But the continued effort demonstrates the importance that many lawmakers put on promoting a U.S.-led effort in the development of self-driving vehicles.  The matter likely will be among the key transportation themes before the next session of Congress, which convenes in January.  On the Senate side, policymakers have not advanced autonomous vehicle bills.  In the previous congressional session, an autonomous vehicle policy measure advanced in the House but came up short in the Senate. More

Considerations When Receiving a Civil Investigative Demand

August 7, 2020 Posted by Steven M. Wernikoff

A number of U.S. federal agencies have authority to issue a type of administrative subpoena called a Civil Investigative Demand (“CID”) to obtain relevant information as part of an investigation. For example, both the Federal Trade Commission (“FTC”) and the Consumer Financial Protection Bureau (“CFPB”) have authority to issue CIDs to obtain documents and testimony in investigations related to privacy, data security, deceptive marketing, and financial fraud. This article identifies some items to consider when receiving a CIDs based on my experience issuing and reviewing hundreds of CIDs as an enforcement attorney in the Chicago office of the FTC. More

Privacy Tips for Ed Tech Companies and Schools Conducting Remote Learning

April 20, 2020 Posted by Steven M. Wernikoff, Jad Sheikali, CIPP/US

As schools increasingly are adjusting to remote learning and utilizing education technology (“ed tech”) services, both schools and their ed tech service providers need to consider the appropriate collection and usage of student personal information.  Here are some tips for protecting students’ privacy and safeguarding personal data: More

New York’s Newly-Enacted SHIELD Act May Prove To Be Sword To Unprepared Businesses

April 17, 2020 Posted by Jad Sheikali, CIPP/US, Steven M. Wernikoff

New York’s Stop Hacks and Improve Electronic Data Security Act (the “SHIELD Act”) took effect on March 21, 2020.  The Act expands existing state breach notification requirements and imposes specific data security protections for covered businesses that own or license the private information of New York residents, regardless of whether those businesses are based in New York. The Act also broadens the definition of “private information” to include new types and combinations of data. More

Washington’s New State Facial Recognition Law May Signal a New Norm for Technology Providers

April 3, 2020 Posted by Steven M. Wernikoff, Jad Sheikali, CIPP/US

On March 31, 2020, Washington Senate Bill No. 6280 (the “Act”) became law, codifying one of the most detailed facial recognition regulations in the country. The Act regulates state and local government agencies in Washington using or intending to develop, procure, or use a facial recognition service but also includes important considerations for companies designing this technology. More

Practices to Stay Cybersafe While Remote Working

March 25, 2020 Posted by Michael P. Hindelang, CIPP/US, CIPM, Karl A. Hochkammer, CIPP/US, Jad Sheikali, CIPP/US, Steven M. Wernikoff

Under extraordinary circumstances, businesses are quickly adapting to remote work on a large scale. In doing so, companies should promote best practices to protect sensitive data. Below are some techniques that your company can employ to help ensure that sensitive personal or company information stays safe: More

Jump to Page