As 2020 draws to a close and we approach CCPA’s first birthday, the regulations continue to remain very much in “infant” mode. On December 10, 2020, the California Attorney General released a fourth set of proposed...more
Loot boxes have become a regular feature in many mainstream video games. However, while their popularity is clear amongst gamers, the legal issues and positions from regulators about their use, both in the US and abroad, are...more
By ballot initiative, California residents recently approved Proposition 24, or the California Privacy Rights Act (CPRA), with approximately 56 percent voting in favor. CPRA significantly amends the CCPA by expanding...more
The California Attorney General recently released a third set of proposed modifications to the CCPA regulations. As we previously covered, the CCPA regulations were approved and went into effect on August 14, 2020. Many...more
On September 23, the U.S. Food and Drug Administration (FDA) published a proposed rule to modify its intended use regulations. In its current form, the regulations have created long-standing confusion as to whether mere...more
By scrolling this page, clicking a link or continuing to browse our website, you consent to our use of cookies as described in our Cookie and Advertising Policy. If you do not wish to accept cookies from our website, or would...more
On September 14, 2020, the U.S. Food and Drug Administration (FDA) released an update on the status of its Software Precertification (Pre-Cert) Program. It is the only public update on the program in 2020. According to the...more
An amendment to the CCPA recently passed through the legislature, adding some much needed clarity to HIPAA-regulated entities, research institutions and other life science and medical device companies. CCPA in its current...more
As the California legislature session concluded at the end of August, a significant amendment to the CCPA finally passed both houses. California bill AB-1281 passed the Senate in the last days of the month, extending the...more
The California AG has now released the final CCPA regulations, as approved by the Office of Administrative Law (OAL). The final draft (issued August 14, 2020) incorporates some relatively minor changes that the OAG submitted...more
By scrolling this page, clicking a link or continuing to browse our website, you consent to our use of cookies as described in our Cookie and Advertising Policy. If you do not wish to accept cookies from our website, or would...more
Companies who transfer data from the EU to the U.S. are struggling to determine the appropriate basis under which they can make these transfers. Continuing our examination of the outcome of this decision, we think now about...more
U.S. companies are in a bind in the wake of the recent EU decision rejecting the validity of the Privacy Shield. While it is clear that the EU will not accept Privacy Shield participation as a basis for transferring data from...more
On July 16, 2020, in the case colloquially known as “Schrems II,” the Court of Justice of the European Union (CJEU) struck down the EU-US Privacy Shield, finding it an invalid mechanism for transferring data from the EU to...more
On July 10, 2020, Commissioner Hahn of the U.S. Food and Drug Administration (FDA) issued a statement announcing that the agency is planning to resume on-site inspections of domestic facilities during the week of July 20. The...more
Vermont recently amended its data breach notification law. The changes will go into effect July 1, 2020. As amended, the definition of “personal information” now includes the following when combined with a consumer’s first...more
FDA issued new guidance on June 19, 2020, advising manufacturers of drugs, biologics, and active pharmaceutical ingredients (APIs) on manufacturing controls to prevent contamination of drugs with SARS-CoV-2, including...more
On June 1, 2020, the California AG submitted the final text of the proposed CCPA regulations to the Office of Administrative Law (OAL). There were no changes to the final text from the last version released in March, which we...more
For the first time, the U.S. Supreme Court has agreed to review the Computer Fraud and Abuse Act (CFAA) in Van Buren v. United States, No. 19-783. A federal circuit split exists on the issue of whether the statute can only be...more
At the end of March, Washington, D.C. signed the Security Breach Protection Amendment Act of 2019, which adds some significant changes to D.C.’s existing data breach law, first enacted in 2007. The law is projected to take...more
On May 4, 2020, the US Food and Drug Administration (FDA) updated its enforcement policy on antibody tests for COVID-19. The revised policy requires developers of commercial antibody tests to submit a request for emergency...more
During COVID-19, in certain areas of the law, we have seen significant flexibility from regulators and government agencies in how they are addressing typical approval processes and/or compliance requirements. In the context...more
The FTC recently settled with smart lock maker Tapplock, Inc., a Canadian company, over allegations that it deceived consumers with false claims about its product’s security practices. These allegations arose based on...more
A number of private and government entities have released apps and software development kits (SDKs) relying on location tracking data to help tackle the COVID-19 pandemic. While the use of such technologies are being hotly...more
Following its 20th plenary session on April 7, the European Data Protection Board (EDPB) selected geolocation and health data to focus on in its upcoming COVID-19 guidance. This follows in response to the EDPB’s earlier broad...more