CPPA Amends Draft CPRA Regulations & Announces Public Comment Dates -
The California Privacy Protection Agency (CPPA) has announced amendments to the California Privacy Rights Act proposed regulations, which primarily...more
7/13/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Cookies ,
Data Breach ,
Data Brokers ,
Data Protection ,
Department of Justice (DOJ) ,
Enforcement ,
Federal Trade Commission (FTC) ,
FTC Act ,
General Data Protection Regulation (GDPR) ,
Metaverse ,
New Regulations ,
Privacy Laws ,
Rulemaking Process
Buying a car has evolved from the days of brick and mortar dealerships to e-commerce, where consumers can select their preferred dealer, reserve, order, finance, and purchase a new or used vehicle in a seamless transaction....more
7/6/2022
/ Augmented Reality ,
Blockchain ,
Class Action ,
Cryptocurrency ,
Cybersecurity ,
False Advertising ,
Federal Trade Commission (FTC) ,
FTC Act ,
Intellectual Property Protection ,
IRS ,
Metaverse ,
Popular ,
Truth in Lending Act (TILA) ,
Virtual Reality
As more states enact their own privacy laws, members of the privacy community and those impacted by privacy legislation continue to push for uniformity. The American Data Privacy and Protection Act (ADPPA) addresses this...more
7/6/2022
/ Biometric Information Privacy Act ,
Breach Notification Rule ,
California Consumer Privacy Act (CCPA) ,
Chief Privacy Officer ,
Communications Act of 1934 ,
Consumer Privacy Rights ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Data Privacy ,
Federal Trade Commission (FTC) ,
Online Safety for Children
The Federal Trade Commission (FTC) and Department of Justice (DOJ) recently ordered Twitter to pay $150 million for violating a 2011 FTC order that prohibited the company from misrepresenting its privacy and data security...more
California Privacy Protection Agency Releases Draft CPRA Regulations -
The California Privacy Protection Agency (CPPA) just released proposed California Privacy Rights Act (CPRA) regulations. The regulations expand...more
6/8/2022
/ Artificial Intelligence ,
Biometric Information ,
California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CNIL ,
Cyber Crimes ,
Data Breach ,
Data Security ,
Department of Justice (DOJ) ,
Employment Discrimination ,
Equal Employment Opportunity Commission (EEOC) ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Hiring & Firing ,
Job Applicants ,
Personal Information ,
Privacy Laws ,
Schrems I & Schrems II
As technology becomes increasingly a part of student learning, education technology (ed tech) companies, parents, and educators should stay abreast of children’s privacy rights under the Children’s Online Privacy Protection...more
Connecticut Passes the Fifth US State Consumer Privacy Law -
The Connecticut governor has formally signed and passed An Act Concerning Personal Data Privacy and Online Monitoring (CPDA), making this law the fifth US state...more
5/19/2022
/ Americans with Disabilities Act (ADA) ,
Artificial Intelligence ,
Blockchain ,
Brazil ,
CDPA ,
CNIL ,
Computer Fraud and Abuse Act (CFAA) ,
Cookies ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Processing Rules ,
Data Protection ,
Denmark ,
Department of Justice (DOJ) ,
European Parliament ,
France ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
NIST ,
PHMSA ,
Proposed Amendments ,
Risk Mitigation ,
SCOTUS ,
Supply Chain ,
Virginia
Colorado Attorney General Seeks Rulemaking Comments for the Colorado Privacy Act -
With the Notice of Proposed Rulemaking set for fall 2022, Colorado’s Attorney General office is currently inviting preliminary comments for...more
4/8/2022
/ Artificial Intelligence ,
Chile ,
China ,
CNIL ,
Colorado ,
Cyber Incident Reporting ,
EU ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Commissioner's Office (ICO) ,
NIST ,
Personal Data ,
Risk Management ,
Rulemaking Process ,
Social Media ,
State Privacy Laws
Over half a decade after the industry developed its own standards in light of a lack of meaningful guidance from regulators, the Department of Justice recently issued a guidance document on compliance with the Americans with...more
The European Union (EU) and the United States (US) government have now reached an agreement in principle for a “Privacy Shield 2.0” to replace the original Privacy Shield Framework that was invalidated under the Schrems II...more
As more and more companies are developing and/or utilizing artificial intelligence (AI), it is important to consider risk management and best practices to address issues like bias in AI. The National Institute of Standards...more
US News -
Utah Will Soon Publish US’s Latest Comprehensive State Privacy Law -
The Utah Consumer Privacy Act, also known as Senate Bill 227, recently cleared the Senate and the House. Though there are a few more steps...more
3/11/2022
/ Biometric Information Privacy Act ,
California Privacy Rights Act (CPRA) ,
Class Action ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Dismissals ,
Enforcement ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
India ,
New Legislation ,
Oman ,
Popular ,
Privacy Laws ,
Proposed Regulation ,
Settlement ,
State and Local Government ,
State Privacy Laws ,
Wiretapping ,
Workers Compensation Act
United Kingdom New Standard Contractual Clauses Submitted to Parliament -
The United Kingdom has finalized its new International Data Transfer Agreement and Addendum to the new EU standard contractual clauses. Subject to...more
2/17/2022
/ Brazil ,
California Consumer Privacy Act (CCPA) ,
Cookies ,
COPPA ,
Customer-Loyalty Programs ,
Cybersecurity ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
NIST ,
Personal Data ,
Popular ,
Right of Access ,
Standard Contractual Clauses ,
UK
In a first-of-its-kind case, the Federal Trade Commission required Fashion Nova to pay $4.2 Million for blocking negative customer reviews in violation of the FTC Act. Shortly after, the agency released new guidance for...more
The California Attorney General sent a sweep of notices to businesses with loyalty programs alleging noncompliance with the California Consumer Privacy Act.
Why are loyalty programs implicated in the California Consumer...more
The New York State Fashion Sustainability and Social Accountability Act (S7428/ A8352) (Fashion Act) would require fashion retailers and manufacturers doing business in New York State to comply with stringent supply chain...more
Effective January 1, 2022, California Senate Bill 41, the Genetic Information Privacy Act (GIPA), imposes requirements on the collection, use, and disclosure of genetic data collected or derived from direct-to-consumer...more
FTC Warns Companies to Remediate Log4j Security Vulnerability -
Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a...more
1/19/2022
/ Apple ,
Audits ,
CNIL ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Department of Defense (DOD) ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
GAO ,
General Data Protection Regulation (GDPR) ,
Opt-Outs
Best Practices for the Virginia Consumer Data Protection Act -
The Virginia Consumer Data Protection Act (VCDA) Working Group of the Joint Commission on Technology and Science released its final report on best practices...more
12/10/2021
/ CDPA ,
CNIL ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Privacy Rights ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Privacy ,
Data Security ,
Employee Monitoring ,
Enforcement Actions ,
ENISA ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
Fair Credit Reporting Act (FCRA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Privacy Laws ,
Ransomware ,
UNESCO ,
Virginia
The EDPB releases guidelines to clarify a simple but surprisingly confusing question, "What is a data transfer under the GDPR?" In light of the new guidelines, businesses should review potential transfer activities and ensure...more
The Los Angeles District Attorney’s Office has ordered Kanye West’s Yeezy brand to pay $950,000 to settle a class action lawsuit claiming that the brand’s delayed shipping, and lack of notice thereof, is a violation of...more
11/19/2021
/ Attorney's Fees ,
California ,
Civil Monetary Penalty ,
Class Action ,
False Advertising ,
Injunctive Relief ,
Refunds ,
Restitution ,
Settlement Agreements ,
Shipping ,
Unfair Competition
California Signs New CCPA and Privacy Related Bills into Law -
California’s Governor recently signed into law three new bills impacting CCPA and privacy in California, including:
AB 335, which exempts from the CCPA and...more
11/11/2021
/ California ,
California Consumer Privacy Act (CCPA) ,
China ,
Consumer Financial Protection Bureau (CFPB) ,
Cybersecurity ,
Data Collection ,
Department of Justice (DOJ) ,
Dodd-Frank ,
Federal Trade Commission (FTC) ,
Fraud ,
New Legislation ,
Personal Information ,
Popular ,
Ransomware ,
State Privacy Laws
The U.S. Federal Trade Commission (FTC) on October 13, 2021, warned 700 major consumer products companies and national advertisers that any future violations of the FTC’s endorsement and testimonial guidance could result in...more
FCC Seeks Public Comment on the Current and Future Regulation of the “Internet of Things” -
The FCC is requesting public comment in a proceeding that will help determine the scope and nature of regulation of the “Internet of...more
10/13/2021
/ Artificial Intelligence ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection Impact Assessments (DPIAs) ,
Enforcement Actions ,
FCC ,
General Data Protection Regulation (GDPR) ,
Hacking Back ,
Internet of Things ,
Malware ,
Mobile Apps ,
NIST ,
Notice of Proposed Rulemaking (NOPR) ,
Opt-Outs ,
Popular ,
Public Comment ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
Settlement ,
Software
Second Circuit Denies Settlement of Data Breach Case Due to Lack of Standing -
As we previously reported, in April 2021, the Second Circuit became the latest federal circuit to hold that an individual may establish Article...more
9/23/2021
/ Arbitration ,
Article III ,
Biometric Information ,
Biometric Information Privacy Act ,
California ,
Class Action ,
Data Breach ,
Data Privacy ,
Data Protection ,
Declaratory Judgments ,
Health Care Providers ,
IL Supreme Court ,
Negligence ,
Pipelines ,
Putative Class Actions ,
Ransomware ,
Settlement ,
Standing ,
Unfair Competition ,
Unfair Competition Law (UCL) ,
Virtual Private Networks