In the wake of several massive data breaches, consumer privacy (or lack thereof) has become a growing concern. For some, more surprising than the breaches was learning how much personal information companies collect from consumers—everything from Social Security numbers and email addresses to location data and demographics—and how much personal information is being sold or otherwise disseminated. As a result, legislation is being enacted around the world requiring companies to inform consumers about the collection and use of their personal information. Most notably in 2018, the European Union’s General Data Protection Regulation, commonly referred to as the GDPR, established groundbreaking consumer rights over the collection, retention and dissemination of personal information. In the United States, in the absence of federal consumer privacy law, states are enacting privacy legislation focusing upon: requiring transparency around the consumer personal information that companies are collecting and using; and providing consumers with control over the personal information. For example, California enacted the California Consumer Privacy Act (CCPA), which takes effect on Jan. 1, 2020.
Now, Pennsylvania is following suit. On April 5, Pennsylvania introduced House Bill 1049, which is currently pending before the Committee on Consumer Affairs. House Bill 1049, modeled after the CCPA, addresses consumer data privacy by setting forth the rights of consumers as well as the duties of companies relating to the collection of consumer personal information. Therefore, companies doing business in Pennsylvania should familiarize themselves with its key provisions and prepare for its enactment.
Even though House Bill 1049 is in committee and will likely be amended prior to its enactment, the are several provisions of the current bill that are the cornerstones of recent consumer privacy legislation and are likely to remain in the final bill. These are:
House Bill 1049 explicitly excludes information that is publicly available, even if it fits into any of the above categories of protected personal information.
Data privacy legislation is coming to Pennsylvania. Companies doing business in Pennsylvania must begin to examine critically their data collection, retention and dissemination practices to ensure compliance. Companies should analyze: what personal information they collect; how the personal information is being collected; why the personal information is being collected; how are they using the personal information; how the personal information is protected; and who has access to the personal information. Companies should also examine what personal information is being sold or disseminated to third parties and whether the third parties have systems in place for privacy compliance. Additionally, companies should develop policies and procedures that comply with the law, and should ensure that all employees are trained properly regarding the privacy obligations.
Christopher A. Iacono is a Partner in the government enforcement, compliance and white-collar litigation; health care; and litigation practice groups of Pietragallo Gordon Alfano Bosick & Raspanti. Mr. Iacono focuses his practice on commercial litigation, white-collar criminal defense, internal investigations, compliance, health care litigation and professional licensing litigation.
Gabrielle I. Weiss is an Associate at the firm. She is a member of the employment and labor group where she focuses on a variety of issues including defending discrimination claims and conducting internal investigations. Ms. Weiss also works on white collar and general litigation matters.
Reprinted with permission from the August 23, 2019 edition of the Legal Intelligencer© 2019 ALM Media Properties, LLC. All rights reserved.
PITTSBURGH, PA – Gabrielle I. Weiss has joined the Philadelphia, PA office of the law firm Pietragallo Gordon Alfano Bosick & Raspanti, LLP as an associate in the Employment and Labor Practice Group. Ms. Weiss received her B.S., cum laude, in Legal Studies in Business from Tulane University A.B. Freeman School of Business. She earned her J.D…. Read more »Read More
Articles In This Issue: 1. Collateral Wars 2. Virtual Testimony Andits Impact On The Confrontation Clause 3. Social Networking Sites: A Potential Hornet’s Nest For Employers 4. The Day The Supreme Court Failed To Consider 401(K) Liability: What Should Insureds Do To Reduce Their Exposure? 5. Walk The Line: Reporting Anticipated Fraud Violations May Be… Read more »Read More
Joseph L. Gordon will be presenting “OSHA’s Ten Most Common Violations – An Insider’s Perspective on Easy Solutions to Overlooked Hazards” at The Pennsylvania State Council of SHRM’s 2019 State Conference in State College, PA. Joe will be a co-presenter with Nicholas DeJesse, an Assistant Regional Administrator with OSHA. For more information, including how to attend… Read more »Read More
Marc Stephen Raspanti will be speaking at a False Claims Act Enforcement Roundtable on September 19, 2019 from 4:00-6:30pm in Miami, Florida. This event is being co-hosted by Pietragallo, Morgan Lewis, the Women’s White Collar Defense Association, and the American Bar Association’s Qui Tam Subcommittee for a False Claims Act/Qui Tam Roundtable, “Florida Style.” The discussion… Read more »Read More