In honor of Data Privacy Day—a worldwide effort to raise awareness and promote best practices in privacy and data protection—we offer this eighth edition of Gibson Dunn's United States Cybersecurity and Data Privacy Outlook and Review.
In 2019, companies, courts, and regulators faced unprecedented challenges as they navigated a rapidly evolving set of cybersecurity and privacy issues. Congress and state legislatures proposed (and, in the case of some states, enacted) measures ranging from limits on the use of consumer data to protecting children's internet privacy. Increasingly active federal and state regulators enforced data privacy, cybersecurity, and consumer protection standards in the face of novel cybersecurity threats. Private parties stepped up the pace of civil litigation in a year that saw numerous high-profile data breaches and continued questions over who can sue for damages. And questions regarding the government's ability to access data, from biometric information to files stored overseas, came into sharper legislative and judicial focus.
This Review places these, and other, 2019 developments in broader context, addressing: (1) the regulation of privacy and data security, including key legislative developments, enforcement actions by federal and state authorities, and new regulatory guidance; (2) trends in civil litigation around data privacy issues in areas including privacy class actions, digital communications, and biometric information privacy laws; and (3) the collection of electronically stored information by government actors, including the extraterritoriality of subpoenas and warrants and the collection of data from electronic devices. While we do not attempt to address every development that occurred in 2019, this Review examines a number of the most significant developments affecting companies as they navigate the evolving cybersecurity and privacy landscape.
This Review focuses on cybersecurity and privacy developments within the United States. For information on developments outside the United States, please see Gibson Dunn's International Cybersecurity and Data Privacy Outlook and Review, which addresses developments in 2019 outside the United States that are of relevance to domestic and international companies alike.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.