Oklahoma: Changing Data Privacy as We Know It?
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
On January 13, 2025, Texas Attorney General’s Office filed its first lawsuit enforcing the Texas Data Privacy and Security Act (“TDPSA”). The law went into effect on July 1, 2024. The complaint also states claims under Texas’...more
On November 7, 2024, Michigan lawmakers in the Senate introduced the Reproductive Data Privacy Act (“RDPA”), also known as Senate Bill 1082 (SB 1082). The bill aims to strengthen privacy protections for sensitive...more
As our readers know, the California Privacy Protection Agency (“Agency”) was established by the California Consumer Privacy Act (“CCPA”). California’s Delete Act, effective as of January 1, 2023, established, among other...more
The California Privacy Protection Agency is going after data brokers. The CPPA board voted earlier this month to adopt new regulations regarding data broker registration requirements. If approved, the regulations will...more
Most consumers are aware that their personal data is collected, compiled, analyzed, and sold to third parties for marketing and other purposes. Many employees may not know of similar data collection practices relating to...more
Texas AG Ken Paxton has sued General Motors LLC and its subsidiary OnStar LLC (collectively “GM”) over allegations that GM misled vehicle purchasers into enrolling in programs that collected and shared their driving data with...more
This week, Ken Paxton, the Texas Attorney General, filed suit against General Motors for alleged violations of the Texas Deceptive Trade Practices Act in collecting and selling drivers’ data to insurers without consumer...more
On April 17, 2024, Nebraska’s governor signed Legislative Bill 1074, which establishes a consumer data privacy law for the state. Nebraska’s law takes effect January 1, 2025. To Whom does the law apply? The law applies to...more
On May 9, 2024, Governor Wes Moore signed the Maryland Online Data Privacy Act (MODPA), making Maryland the seventeenth state to enact a comprehensive data privacy law. While similar in certain respects to most Virginia Model...more
On April 6, the Maryland legislature passed the Maryland Online Data Privacy Act of 2024, sending the bill to the state’s governor for signing. The bill comes on the heels of the Kentucky Consumer Data Protection Act, which...more
According to Chair Lina Khan, the Federal Trade Commission (“FTC”) recent action against Avast Limited and its subsidiaries for $16.5 million is the “highest monetary remedy in a de novo privacy violation case” and the first...more
The California Attorney General (“AG”) recently delivered (pun very much intended) a public CCPA enforcement action against DoorDash, its second following the 2022 settlement with Sephora. The DoorDash action stems from a...more
In just a few short weeks, a new front may emerge for biometrics litigation in the United States. On March 31, 2024, the My Health My Data Act (“MHMDA”) will go into effect in Washington for most entities that conduct...more
The FTC has issued a proposed order against Avast Limited and its subsidiaries (collectively “Avast”) to resolve allegations that the company violated the FTC Act when it unfairly collected and indefinitely stored consumer...more
A bipartisan coalition of 19 AGs filed an amicus brief with the U.S. Court of Appeals for the Ninth Circuit in support of Google users who alleged that the company violated privacy agreements and used their personal...more
Both Texas and Oregon recently adopted rules that will, among other things, implement a registry required by both states’ data broker laws. The Texas law went into effect September 1, 2023, and the Oregon law will go into...more
The Situation: California has enacted a groundbreaking new privacy law aimed at data brokers—entities that sell information about consumers with whom they do not have a direct relationship. Under the Delete Act (SB 362), data...more
California recently passed a groundbreaking new law aimed at further regulating the data broker industry. California is already one of only three states (along with Oregon and Vermont) that require data brokers—businesses...more
Massachusetts lawmakers are considering banning the sale of cellular location data across the state, which would be the first legislation of its kind in the country. The Massachusetts Location Shield Act was proposed in the...more
On August 24, 2022, California Attorney General Rob Bonta announced a settlement with Sephora, one of the largest cosmetic retailers in the world, to resolve allegations that the company illegally sold consumer data and...more
The Federal Trade Commission (FTC) recently filed a complaint against a data broker alleging that the collection and sale of precise location data significantly harms consumers, especially if the data contains information...more
CYBERSECURITY - Password Manager LastPass Admits to Hack - Password manager LastPass, reportedly used by more than 33 million users, recently announced that it was hacked, and although it reports that no passwords of...more
In a complaint filed this week, the Federal Trade Commission (FTC) alleges that a data broker sold geolocation data from individuals showing their movements to and from sensitive locations, including reproductive health...more
The Federal Trade Commission (“FTC”) on Monday, August 29, 2022, sued Idaho-based Kochava Inc., a data broker, in the United States District Court for the District of Idaho, seeking a permanent injunction and other relief for...more
In the first of its kind under the California Consumer Privacy Act (CCPA), Sephora settled an enforcement action with the California Attorney General for violation of the CCPA. Sephora must pay $1.2 million in penalties and...more