Minnesota’s governor has now signed into law that state’s comprehensive privacy law. For those keeping count – that is number 19 of state “comprehensive” privacy laws, with six in 2024 alone. The Minnesota law will go into...more
6/10/2024
/ Consumer Privacy Rights ,
Data Collection ,
Data Protection ,
Legislative Agendas ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Popular ,
Privacy Laws ,
Recordkeeping Requirements ,
Regulatory Requirements ,
Sensitive Business Information ,
State Privacy Laws
Nebraska’s governor has now signed into law the state’s “comprehensive” privacy law making it the fourth one this year, and the 17th overall. It will take effect on January 1, 2025 – the same day as Delaware, Iowa, and New...more
4/26/2024
/ Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
New Regulations ,
Opt-Outs ,
Personal Data ,
Personal Information ,
Popular ,
Privacy Laws ,
State Privacy Laws
With the Kentucky governor recently signing into law that state’s privacy law the US now has 16 states with “comprehensive” privacy laws. This newest one will go into effect on January 1, 2026 – the same day as Indiana. It...more
The FTC is beginning 2024 with a bang. Just a few short days after announcing a settlement with lead-generation company Response Tree, the FTC has announced another decision. In this latest announcement, the FTC has described...more
In anticipation of July 1, 2024, requirements to allow consumers the ability to use “universal opt out mechanisms” in certain circumstances, Colorado has posted its “universal opt out shortlist.” The list is indeed short....more
Among the various requirements under US state comprehensive privacy laws, those that relate to loyalty programs may be some of the most confusing. Only three states — California, Colorado and Florida — regulate these...more
Companies may want to review their consumer rights processes as we approach July 1. This is the date of enforcement for those parts of CCPA modified by CPRA. It is also the effective date of two more state privacy laws:...more
Florida has become the latest state to enact a comprehensive privacy law this year when SB 262 was signed by Governor DeSantis last week. It combines some new, and some familiar, provisions. It has also passed a child privacy...more
6/13/2023
/ Consumer Privacy Rights ,
Data Privacy ,
Florida ,
Governor DeSantis ,
Online Safety for Children ,
Opt-In ,
Opt-Outs ,
Personal Data ,
Privacy Laws ,
Right-To-Access ,
Social Media ,
State Privacy Laws
Indiana has now become the seventh US state to enact a comprehensive privacy law after Senate Bill 5 (“SB5”) was signed by the governor on May 1, 2023. The new law will go into effect January 1, 2026, and is almost identical...more
Colorado’s Privacy Act regulations have now been finalized, in advance of the law’s July 1 effective date. As we have written previously, the Colorado privacy law applies to companies that conduct business in the state and...more
Companies who participate in the AdTech and digital advertising eco-system are very familiar with the Interactive Advertising Bureau and its form advertiser agreements. Those agreements can help streamline negotiations,...more
The talk of “opt-out preference signals” or global privacy controls (GPC) has been increasing as companies dig into the forthcoming requirements under US “comprehensive” privacy laws. What is an opt-out preference signal? An...more
10/25/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Colorado ,
Connecticut ,
Data Privacy ,
Do Not Sell ,
Opt-Outs ,
Privacy Laws ,
State and Local Government ,
State Privacy Laws ,
Virginia
With six months before the first of the new US state general privacy laws go into effect, there are several steps companies can take now to begin to prepare. Unfortunately there are some parts of compliance that will be...more
The Virginia privacy law going into effect January 2023 received some minor tweaks this month. In particular, provisions around deletion requests. As originally enacted, the Virginia law mirrored similar provisions in...more
The California Privacy Protection Agency recently published public comments received in response to its preliminary rulemaking activities for the California Privacy Rights Act (CPRA). The comments were originally solicited in...more
New York City recently amended its law governing third party delivery services, with the changes going into effect December 27, 2021. The revised law specifically permits restaurants to ask for customers’ personal information...more
9/29/2021
/ Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Collection ,
New York ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Proposed Regulation ,
Restaurant Industry ,
State and Local Government
The California attorney general has created a tool for consumers to report situations where companies sell information but do not have an opt-out of sale link on their website. The release of the tool came at the same time as...more
On February 10, the California Attorney General’s office released a highly anticipated updated draft of the proposed CCPA regulations. This draft corrected a version first issued on February 7, 2020. These latest updates...more
Nevada recently amended its existing online privacy law to give Nevada residents the ability – in certain circumstances – to opt out of the sale of their data to third parties. The amendment goes into effect October 1, 2019,...more
6/21/2019
/ Amended Legislation ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Use Policies ,
Data-Sharing ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Website Owner Liability
The Online Interest Based-Advertising Accountability Program, which enforces privacy principles for digital advertising, recently announced its 100th action. In announcing this landmark, the Accountability Program looked back...more
6/4/2019
/ Advertising ,
Behavioral Advertising ,
Consent ,
Cross-Device ,
Data Collection ,
Data Privacy ,
Enforcement Actions ,
Mobile Devices ,
Notice Requirements ,
Online Advertisements ,
Online Interest-Based Advertising Accountability Program ,
Opt-Outs ,
Regulatory Requirements ,
Web Tracking
A Dutch e-cigarette company recently settled a self-regulatory inquiry over its online behavioral advertising practices. The Accountability Program (a US self-regulatory group that oversees online and interactive behavioral...more
On January 1, 2019 Vermont’s breach notice law will include obligations specific to data brokers. A “data broker” is defined as a business that “knowingly collects and sells or licenses to third parties the brokered personal...more
12/24/2018
/ Cybersecurity ,
Data Breach ,
Data Brokers ,
Data Collection ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Encryption ,
Good Faith ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Registration Requirement ,
State Data Breach Notification Statutes
The U.K. data protection authority recently fined a lead generation company £90,000 ($118,000) for a 2017 unsolicited email marketing campaign. The company, Boost Finance Ltd, sent over 4 million emails promoting pre-paid...more
10/26/2018
/ Consent ,
Data Privacy ,
Data Protection ,
Email ,
Enforcement Actions ,
Fines ,
Information Commissioner's Office (ICO) ,
Marketing ,
Opt-Outs ,
Privacy and Electronic Communications Regulation 2003 (PECR). ,
Third-Party ,
UK