On December 19, the Federal Trade Commission (FTC) reached two separate record-breaking settlements with Epic Games, Inc. (“Epic”) over allegations, among others, that the Fortnite video game maker knowingly violated the...more
On December 13, 2022, the European Commission initiated the process to adopt an adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”). The draft adequacy decision follows President Biden’s October Executive...more
On November 15, the Federal Trade Commission (FTC) announced a six-month delay of the deadline by which companies must comply with recent amendments to its Standards for Safeguarding Customer Information (“the Safeguards...more
On November 9, the New York State Department of Financial Services (“DFS”) formally proposed amendments (the “Proposed Amendments”) to the Part 500 Cybersecurity Regulations (the “Cybersecurity Regulations”). The Proposed...more
On September 30, the Colorado Attorney General’s Office (“Colorado AG’s Office”) released proposed rules (the “Proposed Rules”) for the Colorado Privacy Act (CPA), which goes into effect on July 1, 2023. The Proposed Rules...more
On September 15, 2022, the Federal Trade Commission (FTC) released a report on dark patterns (the, “Report”) that identifies the types of misleading and manipulative interface practices that the agency believes can harm...more
On August 29, 2022, the California Age-Appropriate Design Code Act (the Act) was unanimously approved by the California State Senate. It now awaits Governor Gavin Newsom’s signature....more
9/15/2022
/ Children's Online Games ,
COPPA ,
Data Privacy ,
Data Protection Impact Assessments (DPIAs) ,
Enforcement ,
Governor Newsom ,
Minors ,
Online Platforms ,
Penalties ,
Pending Legislation ,
Social Networks ,
Websites
On July 7, 2022, the Consumer Financial Protection Bureau (“CFPB”) issued an advisory opinion, “Permissible Purposes for Furnishing, Using, and Obtaining Consumer Reports” (the “Opinion”) to outline certain privacy...more
On August 24, 2022, California Attorney General Rob Bonta (“CA AG”) announced a $1.2 million settlement with Sephora, Inc. (“Sephora”), marking the first announced enforcement action under the California Consumer Privacy Act...more
On July 8, 2022, the Department of Justice (“DOJ”) announced in a press release that Aerojet Rocketdyne Inc, a provider of advanced propulsion and energetics systems for multiple government agencies, reached a settlement...more
7/28/2022
/ Compliance ,
Cyber Crimes ,
Cybersecurity ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
Federal Contractors ,
Military Contracts ,
NASA ,
Qui Tam ,
Settlement
On July 20, the House Committee on Energy & Commerce held an open markup session on the American Data Privacy and Protection Act (ADPPA), which concluded in an affirmative vote (53-2) for an amended version of the bill to...more
Following the Supreme Court’s ruling overturning Roe v. Wade in Dobbs v. Jackson Women’s Health Organization, the Biden Administration has outlined a framework for federal executive action designed to protect access to...more
7/21/2022
/ Biden Administration ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Executive Orders ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
New Guidance ,
PHI ,
Reproductive Healthcare Issues
On June 23, 2022, Congressman Patrick McHenry (NC-10), released a discussion draft (“Discussion Draft”) of new legislation set to amend the Gramm-Leach-Bliley Act (GLBA) with the intent to “modernize GLBA to better align...more
7/1/2022
/ Congressional Committees ,
Congressional Investigations & Hearings ,
Consumer Privacy Rights ,
Data Collection ,
Discussion Draft ,
Financial Institutions ,
GLBA Privacy ,
Gramm-Leach-Blilely Act ,
Preemption ,
Proposed Legislation ,
Regulatory Authority
Employee communications and use of company devices are often key issues in trade secret and related litigation. United States law, for the most part, has been very supportive of an employer’s ability to engage in aggressive...more
This week, the American Data Privacy and Protection Act (ADPPA), H.R. 8152, was formally introduced in the House by Representatives Frank Pallone (D-NJ), Cathy McMorris Rodgers (R-WA), Janice Schakowsky (D-IL), and Gus...more
On June 15, 2022, Senator Elizabeth Warren introduced Senate Bill S.4408, Health and Location Data Privacy Act of 2022 (the “Bill”). The Bill, co-sponsored with Senators Ron Wyden, Patty Murray, Sheldon Whitehouse, and Bernie...more
On June 14, the U.S. House Committee on Energy and Commerce’s Subcommittee on Consumer Protection and Commerce held a legislative hearing on the American Data Privacy and Protection Act (ADPPA) titled, “Protecting America’s...more
As a follow-up to their release of draft regulations (“Draft Regulations”) for the California Privacy Rights Act (CPRA) (which we covered in this article), the California Privacy Protection Agency (“Agency”) released an...more
Last week, Representatives Frank Pallone (D-NJ) and Cathy McMorris Rodgers (R-WA) and Senator Roger Wicker (R-MS) released a draft federal privacy proposal titled the American Data Privacy and Protection Act (ADPPA). ADPPA is...more
6/8/2022
/ California Consumer Privacy Act (CCPA) ,
Congressional Committees ,
Consumer Privacy Rights ,
Covered Entities ,
Data Privacy ,
Duty of Loyalty ,
Enforcement ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Preemption ,
Private Right of Action ,
Proposed Legislation ,
Sensitive Personal Information ,
State Privacy Laws
The California Privacy Protection Agency (CPPA) recently released draft regulations for the California Privacy Rights Act (CPRA) (Draft Regulations). These Draft Regulations come roughly two months before the agency is...more
On May 24, 2022, the Federal Trade Commission (FTC) released a new publication aimed at offering financial institutions and their service providers guidance on the FTC’s recently revised Safeguards Rule under the...more
On May 27, 2022, the California Privacy Protection Agency (CPPA) released draft regulations for the California Privacy Rights Act (CPRA) (Draft Regulations). The Draft Regulations come roughly two months before the agency is...more
On May 16, 2022, the European Data Protection Board (EDPB), the independent body of data protection supervisors that promotes consistent data protection rules and application thereof throughout the European Union (EU),...more
5/31/2022
/ Artificial Intelligence ,
Biometric Information ,
Corporate Counsel ,
Corporate Fines ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
General Data Protection Regulation (GDPR) ,
Law Enforcement ,
New Guidance ,
Personal Data ,
Right to Privacy
On May 19, 2022, the Federal Trade Commission (FTC or the “Commission”) including Commissioner Alvaro M. Bedoya in his first sitting since being sworn in to the Commission, held an open meeting to discuss two critical topics:...more
5/26/2022
/ Administrative Authority ,
Advertising ,
Compliance ,
COPPA ,
Data Collection ,
Educational Institutions ,
Endorsements ,
Federal Trade Commission (FTC) ,
FTC Endorsement Guidelines ,
Online Reviews ,
Public Comment ,
Public Meetings ,
Public Policy ,
Public Schools ,
Testimonial Statements ,
Virtual Education Tools
On Wednesday, May 11, after a lengthy delay, the US Senate voted 51-50 to confirm Alvaro M. Bedoya as a Commissioner of the Federal Trade Commission (“FTC” or “Commission”), and he was sworn in on May 16. Bedoya fills the...more