Colorado Department of Law Issues Draft CPA Revisions -
On December 22, the Colorado Department of Law issued updates to the draft Colorado Privacy Act (CPA) rules. These revisions build on written comments and feedback from...more
1/13/2023
/ Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Colorado ,
COPPA ,
Data Security ,
Employee Definition ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Mobile Apps ,
New Guidance ,
Penalties ,
Personal Data ,
Popular ,
Privacy Laws ,
Rulemaking Process ,
Standard Contractual Clauses ,
UK
Pandora’s Virtual Try-On Tool Leads to BIPA Class Complaint -
On November 15, 2022, a group of plaintiffs brought a purported class action against Pandora Jewelry LLC, claiming that its virtual try-on tool violates...more
12/12/2022
/ Biometric Information Privacy Act ,
Breach of Contract ,
Cease and Desist Orders ,
Class Action ,
Computer Fraud and Abuse Act (CFAA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
hiQ Labs Inc v LinkedIn Corp ,
LinkedIn ,
NIST ,
Personal Information ,
SCOTUS ,
Social Media ,
Twitter ,
Virtual Reality ,
Web Scraping
FTC Is Tracking Twitter Developments With “Deep Concern” -
Elon Musk’s recent purchase of Twitter has led to numerous resignations in the security department. Most recently, Twitter’s chief information security officer,...more
11/15/2022
/ Biometric Information Privacy Act ,
California Privacy Rights Act (CPRA) ,
Consent Order ,
Cybersecurity ,
Data Privacy ,
Data Retention ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
NYDFS ,
Personal Information ,
Risk Assessment ,
Twitter
California Exemptions for B2B and Employee Data Set To Expire -
With August 31 marking the last day of the legislative session, the California legislature’s failure to extend business-to-business and employee data exemptions...more
9/19/2022
/ B2B Organizations ,
California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CARU ,
CIPA ,
Cybersecurity ,
Dress Codes ,
Enforcement ,
Information Commissioner's Office (ICO) ,
New Guidance ,
Personal Data ,
Popular ,
Rulemaking Process ,
U.S. Treasury ,
Wiretapping
According to a recent unpublished Ninth Circuit ruling, failure to obtain consent prior to using recording technologies is not sufficient for purposes of the California Invasion of Privacy Act (CIPA). This ruling is notable...more
FTC Publishes Advance Notice of Proposed Rulemaking on Commercial Surveillance and Data Security -
Concerned that companies use secret surveillance practices to collect “vast troves” of consumer information, the Federal...more
8/18/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
California Consumer Privacy Act (CCPA) ,
CIPA ,
Data Security ,
Department of Justice (DOJ) ,
Federal Trade Commission (FTC) ,
Privacy Laws ,
Rulemaking Process ,
Sensitive Personal Information ,
UK ,
UK Data Protection Act
Five new state omnibus privacy laws have been passed and will go into effect in 2023. Organizations should review their privacy practices and prepare for compliance with these new privacy laws....more
The Federal Trade Commission (FTC) recently announced plans to crack down on the illegal use and sharing of sensitive data in response to the recent Supreme Court decision in Dobbs v. Jackson Women’s Health Organization...more
The Federal Trade Commission (FTC) recently cracked down on Lithionics Battery, LLC, and Lions Not Sheep Products, LLC, for violating the FTC’s Made in USA Labeling Rule. These are some of the first enforcement actions after...more
CPPA Amends Draft CPRA Regulations & Announces Public Comment Dates -
The California Privacy Protection Agency (CPPA) has announced amendments to the California Privacy Rights Act proposed regulations, which primarily...more
7/13/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Cookies ,
Data Breach ,
Data Brokers ,
Data Protection ,
Department of Justice (DOJ) ,
Enforcement ,
Federal Trade Commission (FTC) ,
FTC Act ,
General Data Protection Regulation (GDPR) ,
Metaverse ,
New Regulations ,
Privacy Laws ,
Rulemaking Process
As more states enact their own privacy laws, members of the privacy community and those impacted by privacy legislation continue to push for uniformity. The American Data Privacy and Protection Act (ADPPA) addresses this...more
7/6/2022
/ Biometric Information Privacy Act ,
Breach Notification Rule ,
California Consumer Privacy Act (CCPA) ,
Chief Privacy Officer ,
Communications Act of 1934 ,
Consumer Privacy Rights ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Data Privacy ,
Federal Trade Commission (FTC) ,
Online Safety for Children
The Federal Trade Commission (FTC) and Department of Justice (DOJ) recently ordered Twitter to pay $150 million for violating a 2011 FTC order that prohibited the company from misrepresenting its privacy and data security...more
California Privacy Protection Agency Releases Draft CPRA Regulations -
The California Privacy Protection Agency (CPPA) just released proposed California Privacy Rights Act (CPRA) regulations. The regulations expand...more
6/8/2022
/ Artificial Intelligence ,
Biometric Information ,
California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CNIL ,
Cyber Crimes ,
Data Breach ,
Data Security ,
Department of Justice (DOJ) ,
Employment Discrimination ,
Equal Employment Opportunity Commission (EEOC) ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Hiring & Firing ,
Job Applicants ,
Personal Information ,
Privacy Laws ,
Schrems I & Schrems II
As technology becomes increasingly a part of student learning, education technology (ed tech) companies, parents, and educators should stay abreast of children’s privacy rights under the Children’s Online Privacy Protection...more
Connecticut Passes the Fifth US State Consumer Privacy Law -
The Connecticut governor has formally signed and passed An Act Concerning Personal Data Privacy and Online Monitoring (CPDA), making this law the fifth US state...more
5/19/2022
/ Americans with Disabilities Act (ADA) ,
Artificial Intelligence ,
Blockchain ,
Brazil ,
CDPA ,
CNIL ,
Computer Fraud and Abuse Act (CFAA) ,
Cookies ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Processing Rules ,
Data Protection ,
Denmark ,
Department of Justice (DOJ) ,
European Parliament ,
France ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
NIST ,
PHMSA ,
Proposed Amendments ,
Risk Mitigation ,
SCOTUS ,
Supply Chain ,
Virginia
Colorado Attorney General Seeks Rulemaking Comments for the Colorado Privacy Act -
With the Notice of Proposed Rulemaking set for fall 2022, Colorado’s Attorney General office is currently inviting preliminary comments for...more
4/8/2022
/ Artificial Intelligence ,
Chile ,
China ,
CNIL ,
Colorado ,
Cyber Incident Reporting ,
EU ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Commissioner's Office (ICO) ,
NIST ,
Personal Data ,
Risk Management ,
Rulemaking Process ,
Social Media ,
State Privacy Laws
Over half a decade after the industry developed its own standards in light of a lack of meaningful guidance from regulators, the Department of Justice recently issued a guidance document on compliance with the Americans with...more
The European Union (EU) and the United States (US) government have now reached an agreement in principle for a “Privacy Shield 2.0” to replace the original Privacy Shield Framework that was invalidated under the Schrems II...more
As more and more companies are developing and/or utilizing artificial intelligence (AI), it is important to consider risk management and best practices to address issues like bias in AI. The National Institute of Standards...more
US News -
Utah Will Soon Publish US’s Latest Comprehensive State Privacy Law -
The Utah Consumer Privacy Act, also known as Senate Bill 227, recently cleared the Senate and the House. Though there are a few more steps...more
3/11/2022
/ Biometric Information Privacy Act ,
California Privacy Rights Act (CPRA) ,
Class Action ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Dismissals ,
Enforcement ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
India ,
New Legislation ,
Oman ,
Popular ,
Privacy Laws ,
Proposed Regulation ,
Settlement ,
State and Local Government ,
State Privacy Laws ,
Wiretapping ,
Workers Compensation Act
In a first-of-its-kind case, the Federal Trade Commission required Fashion Nova to pay $4.2 Million for blocking negative customer reviews in violation of the FTC Act. Shortly after, the agency released new guidance for...more
The New York State Fashion Sustainability and Social Accountability Act (S7428/ A8352) (Fashion Act) would require fashion retailers and manufacturers doing business in New York State to comply with stringent supply chain...more
Effective January 1, 2022, California Senate Bill 41, the Genetic Information Privacy Act (GIPA), imposes requirements on the collection, use, and disclosure of genetic data collected or derived from direct-to-consumer...more
The Digital Millennium Copyright Act (the DMCA) governs the protection of copyrighted material in the digital environment. Among other things, the DMCA criminalizes circumvention of digital rights management tools that...more