In the first half of 2024, seven new states—Kentucky, Maryland, Minnesota, Nebraska, New Hampshire, New Jersey, and Rhode Island—all enacted their takes on comprehensive privacy laws, bringing the total number of states with...more
On June 7, 2023, the New York legislature passed the Stop Addictive Feeds Exploitation (SAFE) for Kids Act (SAFE Act or the Act) and the New York Child Data Protection Act (CDPA), both aimed at protecting children online. The...more
6/19/2024
/ COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Mobile Apps ,
New Legislation ,
New York ,
Online Safety for Children ,
Parental Consent ,
Personally Identifiable Information ,
Privacy Policy ,
State Legislatures ,
Websites
On April 26, 2024, the Federal Trade Commission (FTC) announced a Final Rule that amends the Health Breach Notification Rule (HBNR or Rule) to significantly broaden the FTC’s enforcement power in the area of digital health....more
The recent omnibus foreign relations package signed by President Biden on April 24, 2024, includes the Protecting Americans’ Data from Foreign Adversaries Act of 2024 (the Act), a set of sweeping privacy provisions...more
On February 28, 2024, President Biden signed Executive Order 14117 (the Order) aimed at protecting Americans’ sensitive personal data and U.S. Government-related data from exploitation by “countries of concern.” This move...more
On February 9, 2024, the California Third District Court of Appeals in Sacramento overturned a lower court order that postponed enforcement of the California Privacy Protection Agency’s (CPPA) newest rules. The decision...more
2/14/2024
/ California ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws
The firm is pleased to distribute the Q4 2023 edition of All Eyes on AI: Regulatory, Litigation, and Transactional Developments, which closely follows the evolving regulatory landscape for artificial intelligence (AI) in the...more
2/5/2024
/ Artificial Intelligence ,
California ,
California Privacy Protection Agency (CPPA) ,
CFIUS ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Machine Learning ,
Personal Information ,
Proposed Legislation ,
Risk Assessment ,
Securities and Exchange Commission (SEC)
2023 was one of the busiest years for privacy yet—with more to come in 2024. Five new U.S. state privacy laws (in Texas, Florida, Oregon, Montana, and Washington) will come into effect in 2024. And federal and state...more
1/4/2024
/ Artificial Intelligence ,
Biometric Information ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Federal Trade Commission (FTC) ,
FinTech ,
State Data Privacy Laws ,
State Privacy Laws
In 2024, businesses will continue to face an evolving landscape of cyber threats, along with an increasingly complex regulatory environment. With heightened scrutiny from regulators, consumers, and investors, the need to...more
1/4/2024
/ Artificial Intelligence ,
Biden Administration ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Federal Contractors ,
Financial Institutions ,
Hackers ,
Popular ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
On December 20, 2023, the Federal Trade Commission (FTC) announced proposed changes to the Children’s Online Privacy Protection Rule (COPPA Rule) that would place significant new restrictions on companies that collect...more
12/22/2023
/ COPPA ,
Data Collection ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Mobile Apps ,
Online Safety for Children ,
Parental Consent ,
Personally Identifiable Information ,
Privacy Policy ,
Websites
On October 27, 2023, the Federal Trade Commission (FTC) announced it is amending the Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) to include a requirement for non-bank financial institutions to report certain data...more
On October 24, 2023, a bipartisan coalition of 33 states’ attorneys general filed suit against Meta Platforms, Inc., alleging in a lengthy complaint that Meta’s social media platform features are unsafe and designed to induce...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) announced its long-awaited proposed rule regulating “Personal Financial Data Rights” (the proposed rule). The proposed rule implements Section 1033 of the...more
On September 21, 2023, the UK Government announced the establishment of the “UK-US data bridge” (the Bridge), also known as the UK Extension to the EU-U.S. Data Privacy Framework (the DPF). The announcement promises to...more
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) approved final rules requiring that public companies report material cybersecurity incidents as well as disclose their cybersecurity risk management,...more
On July 10, 2023, the European Commission (EC) adopted an adequacy decision in relation to the EU-U.S. Data Privacy Framework (DPF). This paves the way for organizations to certify to the DPF, reducing friction for transfers...more
On June 16, 2023, the Federal Trade Commission (FTC) announced a proposed settlement agreement (in the form of a stipulated order) with genetic testing company Vitagene, Inc., now known as 1Health.io (1Health.io), for...more
On June 8, 2023, the UK and the U.S. governments issued a joint statement announcing that they had committed in principle to the establishment of a “UK Extension to the Data Privacy Framework,” which would facilitate flows of...more
Generative AI (GenAI) has been at the top of the headlines lately, transforming fields as varied as journalism, marketing, and gaming, boosting productivity and profitability, and performing functions previously limited to...more
5/30/2023
/ Algorithms ,
Artificial Intelligence ,
Copyright Infringement ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Machine Learning ,
Open Source Software ,
Privacy Laws ,
Technology Sector
On March 28, 2023, Iowa Governor Kim Reynolds signed “An Act Relating to Consumer Data Protection” (SF 262) (ICDPA), making Iowa the sixth U.S. state to enact a comprehensive consumer privacy law following California,...more
On March 15, 2023, the Colorado Attorney General’s (Colorado AG) office released the final version of the Colorado Privacy Act (ColoPA) rules (the final rules), which are based on public comments on the third version of the...more
On March 15, 2023, the European Data Protection Board (EDPB) announced a coordinated action on the role of the data protection officers (DPOs). The data protection authorities (DPAs) will ask DPOs a series of questions to...more
On March 2, 2023, the White House released its National Cybersecurity Strategy (the Strategy). The Strategy sets out ambitious goals for the federal government to hold countries accountable for irresponsible behavior in...more
On February 24, 2023, the European Commission (EC) opened a public consultation on its initiative (Initiative) to revise procedural rules relating to the enforcement of the EU General Data Protection Regulation (GDPR). The EC...more
On February 1, 2023, the Federal Trade Commission (FTC) announced a complaint against and proposed settlement agreement (the “proposed order”) with GoodRx, a digital health company, over its data sharing practices that...more