Maria Rouvalis in an Associate in Orrick’s internationally
recognized Cyber, Privacy & Data Innovation practice group. Her
practice focuses on the intersection of privacy, security and data management.
Maria partners with clients to navigate through the
patchwork of global laws impacting privacy and cybersecurity. She also helps
clients reduce the risk of privacy and security incidents.
Maria served as an intern for The Honorable Mary T.
Sullivan, Associate Justice of the Massachusetts Appeals Court. During law
school, she worked as a law clerk for Liberty Mutual, where she analyzed
European Union data privacy laws, and as a research assistant and assistant
producer for Neil Chayet's “Looking at the Law” program on CBS Radio.
Additionally, Maria is a Certified Information Privacy Professional/United
Prior to joining Orrick, Maria worked as an associate at a
boutique litigation firm, where she defended companies in business disputes.
On February 7 and again on February 10, 2020, the California Attorney General Xavier Becerra released an updated draft of proposed regulations pursuant to the California Consumer Privacy Act of 2018 (“CCPA”). The updated drafts feature significant changes, clarifications and reversals of policy from the original proposal.
The updated draft regulations—available here (clean) and here (redline to the original October 2019 Draft)—reflect input gathered during the public comment period and series of public hearings which concluded on December 6, 2019. The first draft of the proposed regulations, the public comments and the transcripts and audio of the public hearings are available on the Attorney General’s CCPA webpage. The Attorney General also updated the online cache of documents and other information relied upon in preparing the revised draft regulations here.
Happy New Year! At long last, the California Consumer Privacy Act of 2018 (“CCPA”) went into effect yesterday, January 1, 2020. For those who have not yet heard, the CCPA establishes a comprehensive legal framework to govern the collection and use of personal information, both online and offline, and provides unprecedented privacy rights to California consumers, in effect becoming the de facto national standard for U.S. privacy law. The law introduces new legal risks and considerations for companies that collect information from California consumers, due to the law’s expansive scope, broad definition of personal information, increased disclosure obligations, enhanced consumer rights, potential for statutory fines and, in the event of a security incident, the potential for consumer class action litigation. READ MORE
With the January 1, 2020 effective date of the California Consumer Privacy Act (the “CCPA”) rapidly approaching, all eyes have been on the California legislature’s consideration of a robust suite of amendments that would clarify ambiguities and address discrepancies underlying the prominent privacy statute. On October 11, 2019, six CCPA amendments were signed into law by the California Governor, as well as an amendment to the state’s breach notification statute. The rest of the CCPA amendments have either failed or will have to wait until next year for further consideration.
While the California Consumer Privacy Act (“CCPA”) has inspired many states to consider their own consumer privacy bills, including Nevada which recently enacted a new law, not to be lost in the CCPA-focused frenzy is the fact that states continue to revise their data breach notification statutes. In recent weeks, the new Massachusetts breach notification amendment has gone into effect, New Jersey, Maryland, Oregon, Texas, and Washington have enacted their own breach notification amendments, and Illinois has proposed a bill that is poised to become law in the near term. READ MORE