Ahead of its next board meeting, scheduled for March 6 and 7, 2025, the California Privacy Protection Agency (CPPA) released even more proposed regulations, adding to an already full slate of proposed regulations, to amend...more
The act of predicting what will become the dominating storyline of data privacy and cybersecurity in 2025 is a hazardous enterprise, as one is almost surely to get something wrong. Without fail, every year, regulators and the...more
1/6/2025
/ Artificial Intelligence ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Operational Resilience Act (DORA) ,
Enforcement Actions ,
EU ,
Machine Learning ,
PCI-DSS Standard ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws ,
Technology Sector ,
Web Tracking ,
Websites
Educational technology (EdTech) tools were critical during the COVID-19 pandemic and remain a key part of education, from digital textbooks and instructional material, to interactive applications for teachers, parents, and...more
10/31/2024
/ COPPA ,
Data Collection ,
EdTech ,
Educational Institutions ,
FERPA ,
Personal Data ,
Privacy Laws ,
Regulatory Agenda ,
SOPIPA ,
State Privacy Laws ,
Students ,
Technology Sector
On July 15, 2024, the California Privacy Protection Agency (CPPA) released proposed updates to the California Consumer Privacy Act (CCPA) regulations, including updates to the draft risk assessments, automated decisionmaking...more
Just past midnight on May 11, 2024, the Vermont Legislature passed H.121, the Vermont Data Privacy Act (VDPA). If signed into law, the VDPA would become the most onerous state comprehensive privacy law in the country. Among...more
5/30/2024
/ Consumer Privacy Rights ,
Governor Scott ,
Legislative Agendas ,
New Legislation ,
Popular ,
Privacy Acts ,
Privacy Laws ,
Private Right of Action ,
State and Local Government ,
State Legislatures ,
State Privacy Laws ,
Vermont
On August 28, 2023, the California Privacy Protection Agency (CPPA) released discussion drafts of regulations on cybersecurity audits and privacy risk assessments in advance of the CPPA’s meeting on September 8,...more
9/5/2023
/ Audits ,
California ,
California Privacy Protection Agency (CPPA) ,
Corporate Governance ,
Cybersecurity ,
New Regulations ,
Personal Information ,
Privacy Laws ,
Regulatory Agenda ,
Risk Assessment ,
Risk Management ,
State Privacy Laws
On July 10, 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (DPF). The decision concluded that the United States does ensure an adequate level of protection for transferring...more
7/14/2023
/ Data Privacy ,
Data Protection ,
Data Security ,
EU ,
EU Data Protection Laws ,
EU-US Privacy Shield ,
European Commission ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
SCC ,
Standard Contractual Clauses ,
US-EU Safe Harbor Framework
Following in the footsteps of Washington State’s My Health My Data Act, Nevada SB 370 and Connecticut SB 3 were both recently approved by their respective governors. As detailed below, the laws impose a number of new...more