Devin Chwastyk

February 21, 2023 | The Legal Intelligencer

The most substantial new changes will require attention from Pennsylvania municipalities and from businesses that contract with those municipalities or directly with the commonwealth, as the amendments impose new notice requirements and stricter deadlines on these entities.

By Devin Chwastyk

8 minute read

August 31, 2022 | The Legal Intelligencer

On Aug. 24, the California Office of the Attorney General (OAG) announced its first public enforcement action under the California Consumer Privacy Act (CCPA). A proposed settlement between the OAG and French-based cosmetics retailer Sephora would require Sephora to pay $1.2 million in penalties to resolve allegations that the company violated the CCPA.

By Devin Chwastyk and Christian Wolgemuth

10 minute read

November 15, 2021 | The Legal Intelligencer

This article will touch upon a few of the points that organizations need to be aware of as they begin adapting their compliance programs according to the PIPL.

By Devin Chwastyk and Christian Wolgemuth

6 minute read

September 06, 2021 | The Legal Intelligencer

Because of the specialized nature of this work, however, young attorneys may wonder how they can break into the field and develop a sustained practice in this area.

By Devin Chwastyk

6 minute read

April 23, 2021 | The Legal Intelligencer

Virginia has followed in California's footsteps and passed its own data and consumer privacy law, making it the second state (or, commonwealth) to pass a proactive data privacy law governing the collection and use of consumers' personal information.

By Devin Chwastyk and Christian Wolgemuth

7 minute read

September 02, 2020 | The Legal Intelligencer

This month's column wonders whether regulators finally have provided business leaders the necessary impetus to make timely reports of all data security breaches.

By Devin Chwastyk

6 minute read

April 23, 2020 | The Legal Intelligencer

This month's column on cybersecurity topics summarizes new state privacy laws that will have a broad national reach including the prospect of "CCPA 2.0"

By Devin Chwastyk

8 minute read

February 24, 2020 | The Legal Intelligencer

This first in a series of bimonthly columns on cybersecurity topics addresses how, in light of Dittman vs. UPMC, attorneys can help clients to establish the exercise of reasonable care in protection of personal information and avoidance of data breaches, by examining applicable industry standards and other recent guidance on best cybersecurity practices.

By Devin Chwastyk

10 minute read

July 19, 2019 | The Legal Intelligencer

On May 25, 2018, the European Union's General Data Protection Regulation took effect, sweeping aside a patchwork of laws governing data protection and breach notification in individual EU member states.

By Devin Chwastyk

8 minute read

January 31, 2017 | The Legal Intelligencer

Federal courts have varied widely in their interpretation of standing for plaintiffs in consumer protection class actions since last year's U.S. Supreme Court decision in Spokeo v. Robins, __ U.S. __, 136 S.Ct. 1540 (May 16, 2016).

By Devin Chwastyk

17 minute read