The Children’s Advertising Review Unit recently settled with KidGeni – a generative art platform intended for children- for allegedly violating both CARU’s guidelines and COPPA. According to CARU, which is a self-regulatory...more
8/19/2024
/ Artificial Intelligence ,
CARU ,
Class Action ,
COPPA ,
Data Collection ,
Enforcement ,
Federal Trade Commission (FTC) ,
Machine Learning ,
Online Platforms ,
Parental Consent ,
Personal Information ,
Privacy Laws
Nebraska’s governor has now signed into law the state’s “comprehensive” privacy law making it the fourth one this year, and the 17th overall. It will take effect on January 1, 2025 – the same day as Delaware, Iowa, and New...more
4/26/2024
/ Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
New Regulations ,
Opt-Outs ,
Personal Data ,
Personal Information ,
Popular ,
Privacy Laws ,
State Privacy Laws
In anticipation of July 1, 2024, requirements to allow consumers the ability to use “universal opt out mechanisms” in certain circumstances, Colorado has posted its “universal opt out shortlist.” The list is indeed short....more
The CPPA, the California regulatory body charged with enforcing CCPA, recently released draft regulations for use of automated decisionmaking technology. The draft comes under the law’s requirements for the agency to issue...more
12/21/2023
/ Automated Decision Systems (ADS) ,
California ,
California Privacy Protection Agency (CPPA) ,
New Regulations ,
Personal Information ,
Privacy Laws ,
Proposed Regulation ,
Proposed Rules ,
State Privacy Laws ,
Technology Sector ,
Tracking Systems
The FTC recently announced a settlement with Global Tel*Link, a telecommunications company that contracts with prisons and jails to provide communication services to incarcerated individuals and their families. Those who use...more
Financial services companies beware: the new state privacy laws exemption are not uniform. To recap, there are privacy laws in 12 states: California, Colorado, Connecticut, Florida, Indiana, Iowa, Montana, Oregon, Tennessee,...more
The enforcement division of the California Privacy Protection Agency (CPPA) recently announced it intends to review the privacy practices of connected vehicles. The driving force behind the review is the technologies in...more
Oregon recently joined Vermont and California as the third state requiring data broker registration before collecting, selling, or licensing “brokered personal data.” Several types of entities are exempt from the law. These...more
8/16/2023
/ Customers ,
Data Brokers ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Selling ,
Exemptions ,
Information Sharing ,
New Legislation ,
Oregon ,
Penalties ,
Personal Data ,
Personal Information ,
Subscribers ,
Third-Party
Oregon’s governor has now signed into law the state’s comprehensive privacy law. Meaning, there are now 12 states with these laws, six of which were passed just this year (others passed in 2023 were Iowa, Indiana, Tennessee,...more
7/24/2023
/ Consumer Privacy Rights ,
Covered Entities ,
Data Protection Acts ,
Enforcement Actions ,
Financial Institutions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Legislative Agendas ,
New Legislation ,
Oregon ,
Personal Data ,
Personal Information ,
State and Local Government ,
State Privacy Laws
The US has what appears to be a never-ending list of comprehensive privacy laws, but do they all apply to your organization? Not necessarily.
Let’s recap. Since we last wrote at the beginning of the month about preparing...more
As we wrote in November, Pennsylvania amended its data breach notification laws last year, and those changes go into effect tomorrow (May 2, 2023). Beginning tomorrow, if a breach of username/email accounts and their...more
The FTC recently took action against the online alcohol marketplace company Drizly and its CEO for alleged security failures. The case arose from a 2018 data breach which was caused – according to the FTC – by poor security...more
Firefly Games agreed to take corrective action in response to the Children’s Advertising Review Unit’s allegations that the company had violated COPPA by inaccurately (and confusingly) explaining its privacy practices. The...more
The Children’s Advertising Review Unit recently settled with TickTalk Tech, LLC over its information collection practices. CARU, a self-regulatory body that reaches voluntary settlements with companies, conducts regular...more
4/15/2022
/ Advertising ,
CARU ,
Children's Online Games ,
COPPA ,
Data Collection ,
Data Privacy ,
Disclosure ,
Mobile Apps ,
Parental Consent ,
Personal Information ,
Privacy Policy
The Chinese agency charged with implementing and enforcing the new Personal Information Protection Law has issued draft measures for cross-border data transfers. Comments are due by November 28. As we detailed previously, the...more
California recently updated both its data security and breach notice laws to include genetic data. With the passage of AB 825, the data security law now includes in the definition of “personal information” genetic data. The...more
10/18/2021
/ Amended Legislation ,
Biometric Information ,
California ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Health ,
Healthcare ,
Personal Information ,
Privacy Laws
New York City recently amended its law governing third party delivery services, with the changes going into effect December 27, 2021. The revised law specifically permits restaurants to ask for customers’ personal information...more
9/29/2021
/ Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Collection ,
New York ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Proposed Regulation ,
Restaurant Industry ,
State and Local Government
The FTC recently settled with a surveillance app operator over allegations that the company facilitated the secret harvesting of personal information. According to the FTC, the main users of Support King, LLC’s “SpyFone” app...more
China is continuing to move forward with its first comprehensive privacy law. China recently issued a second version of the draft Personal Information Protection Law (Draft PIPL) which will be open for public comments until...more
5/14/2021
/ Breach Notification Rule ,
China ,
Cross-Border ,
Cybersecurity ,
Data Breach ,
Data Localization Law ,
Data Privacy ,
Data Security ,
Data Transfers ,
General Data Protection Regulation (GDPR) ,
Penalties ,
Personal Information ,
Popular ,
Proposed Regulation
Utah recently amended its breach notice law to provide certain defenses to companies who suffer a data breach. It is now the second state, after Ohio, to include such provisions. Specifically, entities that create and...more
Many digital health app developers offering health and wellness solutions directly to consumers may find themselves in a space unregulated by the Health Insurance Portability and Accountability Act (“HIPAA”). While...more
A class action lawsuit filed against PayPal in connection with a breach it suffered in 2017 was dismissed recently because the plaintiffs did not adequately allege PayPal’s intent to deceive investors. The litigation began...more
To round out this series on right-sizing a privacy program, our last stop is thinking about the impact of working with third parties. There are many legal requirements to assess and/or to address in third party contracts when...more
1/29/2021
/ Business Development ,
California Consumer Privacy Act (CCPA) ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Standard Contractual Clauses ,
Strategic Planning ,
Third-Party
One of the methods US and EU companies rely on most frequently for the transfer of personal data from the EU to the US are standard contractual clauses. For the method to be acceptable as a valid basis for transfer of...more
12/1/2020
/ Consumer Privacy Rights ,
Data Privacy ,
Data Transfers ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Personal Information ,
Privacy Laws ,
SCC ,
Standard Contractual Clauses
By scrolling this page, clicking a link or continuing to browse our website, you consent to our use of cookies as described in our Cookie and Advertising Policy. If you do not wish to accept cookies from our website, or would...more