There’s no question that the novel Coronavirus, COVID-19, has created massive disruptions in our lives. Those of us who can work are working remotely, social distancing has become the rule of the day, and while this will end, there is no sure end date in sight.
Even some things that we thought might be unalterable have changed – tax returns have been delayed, and multiple laws are modified to fit the times, whether they be a holiday from parking tickets (at least in Los Angeles), to extensions of unemployment insurance and sick leave. But some things have not changed, and privacy laws are one of them.
Data Privacy and Security Laws Haven’t Changed
Privacy and security obligations under the European Union’s General Data Protection Regulation, protection of health data under the Health Insurance Portability and Accountability Act, financial privacy under Gramm-Leach-Bliley – all of these are still in place and being enforced. Contractual obligations, for the most part, remain unaffected (although force majeure clauses and governmental action might provide some relief).
And enforcement of the California Consumer Privacy Act of 2018 by the California Attorney General remains scheduled for July 1, 2020, even if the recently amended regulations interpreting the act don’t become effective until after that. Businesses throughout California have petitioned the Attorney General for a delay in enforcement while they contend with the disruptions of the current pandemic, without response from the AG.
Data Breaches Continue
One group that hasn’t been impacted by the COVID-19 pandemic has been data thieves. Yesterday, a non-scientific sampling of headlines included:
- Fake Email from WHO Installs Malware
- Town of Jupiter hit by malware ‘incident,’ knocking out several online systems
- Fake Corona Antivirus Software Used to Install Backdoor Malware
- Expert Comment: Five Billion Records Exposed In Open Data Breach Database
If anything, the pandemic has given hackers new venues to seek out victims under compelling phishing campaigns.
What Has Changed?