On May 17, 2023, the Federal Trade Commission (the “FTC”) reached a settlement with Easy Healthcare Corporation (“Easy Healthcare”), for its fertility-tracking app, Premom. The agency alleged that Easy Healthcare failed to...more
5/25/2023
/ Corporate Counsel ,
Data Privacy ,
Data Security ,
Data-Sharing ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach Notification Rule ,
Mobile Apps ,
Mobile Health Apps ,
PHI ,
Policy Statement ,
Risk Mitigation
The past two weeks have seen continued progress on proposed comprehensive privacy legislation across multiple states. Most notably, on March 28, Iowa Governor Kim Reynolds signed SF 262 into law, officially making Iowa the...more
Since our last update, comprehensive privacy law proposals have continued to emerge and progress through state legislatures. Most notably, five bills have now passed a legislative chamber, with Hawaii’s Consumer Data...more
Since the start of the 2023 legislative session, at least 15 biometric privacy law proposals have emerged across 11 states (including Arizona, Hawaii, Maryland, Massachusetts, Minnesota, Mississippi, Missouri, New York,...more
The new year has already seen a flurry of state privacy law activity, with legislators in at least nine states (Indiana, Iowa, Kentucky, Massachusetts, Mississippi, New York, Oklahoma, Oregon, and Tennessee) proposing new...more
On September 30, the Colorado Attorney General’s Office (“Colorado AG’s Office”) released proposed rules (the “Proposed Rules”) for the Colorado Privacy Act (CPA), which goes into effect on July 1, 2023. The Proposed Rules...more
On May 16, 2022, the European Data Protection Board (EDPB), the independent body of data protection supervisors that promotes consistent data protection rules and application thereof throughout the European Union (EU),...more
5/31/2022
/ Artificial Intelligence ,
Biometric Information ,
Corporate Counsel ,
Corporate Fines ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
General Data Protection Regulation (GDPR) ,
Law Enforcement ,
New Guidance ,
Personal Data ,
Right to Privacy
On April 20, 2022, Connecticut’s Senate passed S.B. 6, an Act concerning Personal Data Privacy and Online Monitoring. The comprehensive privacy bill will now move to the Connecticut House, where it has the potential to become...more
Colorado, as the third U.S. state to adopt a comprehensive privacy law, is making significant strides in its rule-making activities. On April 12, 2022, the Colorado Attorney General’s Office issued prepared remarks from...more
Utah is close to becoming the fourth state to have a comprehensive privacy law. The Utah Consumer Privacy Act (SB 227) unanimously passed the Utah Senate on February 25. And the Utah House followed suit quickly, unanimously...more
The European Commission has presented its draft Data Act, which will affect a broad range of companies and heavily emphasizes data accessibility and fairness. Companies should begin to evaluate their current practices and...more
French regulators have held that the use of Google Analytics violates the GDPR, a decision that likely has broad implications for web analytics companies and website operators.
On February 10, 2022, the French Data...more
2/16/2022
/ Analytics ,
CNIL ,
Corporate Counsel ,
Data Protection Authority ,
Facebook ,
FISA ,
France ,
General Data Protection Regulation (GDPR) ,
Google ,
International Data Transfers ,
Schrems I & Schrems II
As companies prepare for new privacy laws to go into effect in California, Virginia, and Colorado, they should also keep an eye out on other states that are looking to pass their own “comprehensive” privacy legislation....more
The long wait to see if any state would join California in passing a comprehensive privacy law is finally coming to an end, as the Virginia Senate passed the Virginia Consumer Data Protection Act (CDPA) on February 3. An...more
Less than a month before Californians are to vote on the California Privacy Rights Act (CPRA), the California attorney general (California AG) proposed a third set of modifications to the California Consumer Privacy Act’s...more
As state legislatures begin their 2020 sessions, proposals for stronger privacy laws are at the top of the agenda across the country. Carrying forward the story we told in reports in February, April, and July of last year,...more
2/4/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Fair Credit Reporting Act (FCRA) ,
General Data Protection Regulation (GDPR) ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Personal Information ,
Privacy Laws ,
Proposed Legislation ,
State Data Privacy Laws
As many businesses occupy themselves with coming into compliance with the California Consumer Privacy Act (CCPA) before the law’s effective date of January 1, 2020, Congress is renewing discussion of a possible comprehensive...more
12/11/2019
/ California Consumer Privacy Act (CCPA) ,
Congressional Committees ,
Corporate Counsel ,
Data Privacy ,
Enforcement Authority ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Preemption ,
Privacy Laws ,
Private Right of Action ,
Section 5 ,
State Attorneys General ,
State Data Privacy Laws