FTC Staff Report on Social Media Platforms’ Privacy and Security Practices -
On September 19, 2024, the Federal Trade Commission (“FTC” or the “Commission”) announced the release of its staff report, “A Look Behind the...more
10/11/2024
/ Algorithms ,
Artificial Intelligence ,
California ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
FTC Act ,
GAO ,
Governor Newsom ,
Governor Vetoes ,
Machine Learning ,
Marketing ,
New Legislation ,
Privacy Laws ,
Settlement ,
Social Media ,
Unfair or Deceptive Trade Practices
FTC and DOJ Reach US$2.95 Million Settlement with Verkada for Alleged Violations of the FTC Act and CAN-SPAM Act -
On August 30, 2024, the Federal Trade Commission (“FTC”) announced a proposed order with Verkada Inc....more
9/27/2024
/ Amicus Briefs ,
Arbitration Agreements ,
Artificial Intelligence ,
CAN-SPAM Act ,
COPPA ,
Cyber Attacks ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
Ethics ,
EU ,
European Commission ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
FTC Act ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Human Rights ,
Online Reviews ,
Securities and Exchange Commission (SEC) ,
Settlement ,
Standard Contractual Clauses ,
UK ,
Web Tracking
New BIPA Ruling: Dismissal of Claims Against Samsung Over its Face App Data -
On July 24, 2024, a federal judge in Illinois dismissed the case GT v. Samsung Electronics America, Inc., in which a putative class of Samsung...more
8/19/2024
/ Biometric Information Privacy Act ,
Data Protection ,
Enforcement ,
European Commission ,
European Parliament ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Illinois ,
Information Commissioner's Office (ICO) ,
Informed Consent ,
Minor Children ,
Personal Information ,
Settlement ,
Social Media ,
State Data Privacy Laws ,
Tracking Systems ,
UK
U.S. Court Axes Most of SEC's SolarWinds Data Breach Suit -
The U.S. District Court for the Southern District of New York recently dismissed much of the U.S. Securities and Exchange Commission’s (“SEC”) suit against...more
8/2/2024
/ Artificial Intelligence ,
Audits ,
Automated Decision Systems (ADS) ,
COPPA ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Dismissals ,
EU ,
EU-US Privacy Shield ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Instant Messaging Apps ,
Misleading Statements ,
Regulation Technical Standards (RTS) ,
Risk Assessment ,
ROSCA ,
Securities and Exchange Commission (SEC) ,
Settlement ,
SolarWinds
CFPB Director Chopra Emphasizes “Pressing Need” for Data Protections -
On June 12, 2024 and June 13, 2024, Consumer Financial Protection Bureau Director Rohit Chopra appeared before the Senate Banking Committee and the...more
7/1/2024
/ Breach Notification Rule ,
Consumer Financial Protection Bureau (CFPB) ,
Court of Justice of the European Union (CJEU) ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Multi-Factor Authentication ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
Settlement ,
State Privacy Laws ,
UK GDPR ,
Vermont
SEC Fines the New York Stock Exchange’s Parent Company $10 million for Failure to Promptly Notify Its Subsidiaries of Cybersecurity Breach -
On May 22, 2024, the Securities and Exchange Commission (“SEC”) imposed a $10...more
6/14/2024
/ Annual Reports ,
Artificial Intelligence ,
Breach Notification Rule ,
Colorado ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
New Legislation ,
NYSE ,
Popular ,
Securities and Exchange Commission (SEC) ,
UK
April 2024 On April 4, 2024, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) published a 447-page Notice of Proposed Rulemaking (“Proposed Rules”) in accordance with the...more
4/19/2024
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Government Agencies ,
Machine Learning ,
OMB ,
Online Safety for Children ,
Privacy Laws ,
Proposed Rules ,
Reporting Requirements ,
UK ,
Voluntary Compliance
European Parliament Approves EU AI Act -
On March 13, 2024, the European Parliament approved the EU Artificial Intelligence Act (“AI Act”). A first of its kind legal framework for AI, the AI Act has extraterritorial effect,...more
3/29/2024
/ Appeals ,
Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Consent ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity Framework ,
Data Brokers ,
Data Collection ,
European Parliament ,
Federal Trade Commission (FTC) ,
Foreign Adversaries ,
General Data Protection Regulation (GDPR) ,
Popular ,
Sensitive Personal Information ,
Strategic Planning ,
Transparency
Biden Administration Issues Executive Order Restricting Bulk Transfers of U.S. Citizens' Personal Data to “Countries of Concern” -
On February 28, 2024, President Biden issued an Executive Order (“EO”) to address the...more
3/15/2024
/ Biden Administration ,
California ,
Cybersecurity Framework ,
Data Privacy ,
Data Protection ,
Data Selling ,
Employee Monitoring ,
Executive Orders ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
High-Risk Countries ,
NIST ,
Opt-Outs ,
Personal Data ,
Sensitive Personal Information ,
UK
FTC Proposes New Protections to Guard Against AI Impersonations of Individuals -
Amidst growing concerns that emerging technology—including AI-generated deepfakes—threaten to increase the prevalence of impersonation fraud,...more
3/1/2024
/ Anti-Terrorism Financing ,
Artificial Intelligence ,
Cybersecurity ,
Deep Fake ,
EU ,
European Convention on Human Rights ,
Federal Trade Commission (FTC) ,
Human Rights ,
Russia ,
Securities and Exchange Commission (SEC) ,
Terms of Service
FTC Announces Proposed Settlement with Software Provider to Settle Allegations that its Inadequate Security Safeguards Led to Cyberattack -
On February 1, 2024, the Federal Trade Commission (“FTC”) announced a proposed...more
FTC Announces Proposed Settlement with Data Aggregator over its Alleged Selling of Precise Location Data -
The Federal Trade Commission (“FTC”), on January 18, 2024, announced a proposed settlement with InMarket Media...more
FTC Settles with Rite Aid on its Use of AI and Processing of Biometric Information -
The Federal Trade Commission (“FTC”), on December 19, 2023, announced that it had reached a settlement with Rite Aid Corporation (“Rite...more
1/19/2024
/ Artificial Intelligence ,
Biometric Information ,
COPPA ,
Data Brokers ,
Data Retention ,
Enforcement Actions ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
FTC Act ,
Inventors ,
Notice of Proposed Rulemaking (NOPR) ,
Opt-In ,
Patents ,
Rite Aid ,
Sensitive Personal Information ,
Settlement ,
UK
EU AI Act: Political Agreement Reached on Terms of Landmark Legislation -
Negotiators for the European Council and the European Parliament have reached political agreement on the provisions of the EU Artificial...more
12/15/2023
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Compliance ,
Cookies ,
Court of Justice of the European Union (CJEU) ,
EU ,
Federal Trade Commission (FTC) ,
Fines ,
General Data Protection Regulation (GDPR) ,
Neglect ,
New Legislation ,
UK
The Biden Administration Issues Executive Order on Artificial Intelligence -
On October 30, 2023, President Biden signed an Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence (the “Order”)...more
11/17/2023
/ Artificial Intelligence ,
Biden Administration ,
Chief Information Security Officer (CISO) ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
NYDFS ,
Ransomware ,
Regulatory Agenda ,
Securities and Exchange Commission (SEC) ,
SolarWinds
What is in store for Privacy and Cybersecurity in 2023 -
As the year ends, we offer this special edition with predictions for 2023 from each member of the Cyber Bits Partner Committee. Regardless of what happens in 2023, we...more
12/30/2022
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cybersecurity ,
Disclosure Requirements ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Infrastructure ,
Investment Adviser ,
Popular ,
Privacy Laws ,
Privacy Legislation ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
State Data Breach Notification Statutes ,
UK ,
Whistleblowers
Few things are certain, but it is indisputable that in 2022 data will remain big; data driven technologies will create unparalleled opportunity and risk; the frequency and sophistication of cyberattacks will shatter...more
1/7/2022
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Privacy ,
Data Protection ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Hackers ,
International Data Transfers ,
Machine Learning ,
Popular ,
Ransomware ,
Regulatory Agenda ,
Section 5
The European Commission announced an agreement in principle on a new framework for data transfers to replace the “Safe Harbor” arrangement that had governed data flows between the United States and Europe for the past 15...more