As artificial intelligence (AI) becomes increasingly embedded into products, services, and business decisions, state and local lawmakers have been considering and passing a range of laws addressing AI....more
The European Union (EU) and United States have reached a “deal in principle” to establish a new Trans-Atlantic Data Privacy Framework (Framework), which is meant to foster the exchange of data between the EU and U.S. This new...more
On March 29-31, 2022, the National Institute for Science and Technology (NIST) held its second broad stakeholder workshop on its draft Artificial Intelligence Risk Management Framework, titled Building the NIST AI Risk...more
On March 3, 2022, the Federal Trade Commission (FTC) reached a settlement with WW International, Inc. (formerly known as Weight Watchers) and its subsidiary Kurbo, Inc. to resolve a complaint that the companies’ app – Kurbo...more
On March 3, 2022, the Utah House of Representatives passed a consumer privacy bill: the Utah Consumer Privacy Act. The bill had already passed the Utah Senate in February, and at the time of this writing, awaits a signature...more
The National Institute of Standards and Technology (NIST) has kicked off the process for revamping its flagship cybersecurity guidance document – the Framework for Improving Critical Infrastructure Cybersecurity (CSF), which...more
What: Publicly traded companies may soon be subject to additional cybersecurity reporting requirements. On March 9, 2022, the Securities and Exchange Commission (SEC) proposed rules and amendments to enhance and standardize...more
Big changes are underway in California privacy, with a brand new privacy agency, forthcoming new privacy rules due by July, and a new comprehensive privacy framework going into effect in January 2023. As businesses subject to...more
Legislators in Washington, DC, and in multiple states have rolled out proposals focused on children’s and teens’ privacy that would significantly affect companies that provide online applications and services....more
Federal agencies have been actively looking at cyber threats to critical infrastructure. In a January 27 announcement the White House said: “it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the...more
1/28/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Environmental Protection Agency (EPA) ,
Information Technology ,
Joe Biden ,
NDAA ,
Pipelines ,
Popular ,
Railways ,
Ransomware ,
Wastewater ,
Water ,
Wiretap Act
Privacy In Focus®-
The last several years have seen major developments in state privacy laws. While Congress remains gridlocked on the federal privacy front, states enacted omnibus data privacy bills that will impact...more
1/19/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Colorado ,
Comment Period ,
Compliance ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Collection ,
Data Mapping ,
Data Privacy ,
Data Protection ,
Privacy Policy ,
Proposed Amendments ,
State Data Privacy Laws ,
State Privacy Laws ,
Third-Party ,
Virginia
Privacy In Focus®-
On December 10, 2021, the Federal Trade Commission (FTC) published its Annual Regulatory Plan for 2022 – the first under FTC Chair Lina Khan – noting that it “will consider developing both...more
1/19/2022
/ AMG Capital Management LLC v FTC ,
Consumer Protection Laws ,
Enforcement ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Fraud ,
FTC Act ,
Joe Biden ,
Magnuson-Moss Act ,
Rulemaking Process ,
Rules of Practice ,
Unfair Competition ,
Unfair or Deceptive Trade Practices
On December 16, the Federal Trade Commission (FTC) voted 4-0 to issue an Advance Notice of Proposed Rulemaking (ANPRM) to commence a rulemaking targeting rising business and government impersonation fraud. Critically, the...more
12/21/2021
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
AMG Capital Management LLC v FTC ,
Consumer Protection Laws ,
Deceptive Intent ,
Enforcement Actions ,
Federal Register ,
Federal Trade Commission (FTC) ,
Fraud ,
FTC Act ,
Gift-Cards ,
Payment Processors ,
Scams ,
Unfair or Deceptive Trade Practices ,
Unlawful Means
At the September 30, 2021 Open Meeting, the Federal Communications Commission (FCC or Commission) adopted a Fifth Further Notice of Proposing Rulemaking (FNPRM) that proposes additional regulatory requirements on the gateway...more
As 2021 draws to a close, businesses subject to California’s privacy laws should pay close attention to developments underway in that state that will have broad impacts on compliance strategies. On September 22, 2021, the...more
At the September 30, 2021 Open Meeting, the Federal Communications Commission (FCC or Commission) adopted a Fifth Further Notice of Proposing Rulemaking (FNPRM) that proposes additional regulatory requirements on the gateway...more
On September 22, 2021, the California Privacy Protection Agency (CPPA or Agency)—the new agency established by the California Privacy Rights and Enforcement Act (CPRA)—released an Invitation for Preliminary Comments on...more
Artificial intelligence (AI) has drawn significant policy interest for quite some time now, and a federal approach is taking shape. A recent flurry of federal activity on the AI front has emanated in large part from the U.S....more
Policymakers in the United States and Europe are paying close attention to implementation of artificial intelligence (AI) across a range of sectors – focusing on issues like bias, transparency, privacy, and security. While...more
President Biden’s pick to Chair the Federal Trade Commission (FTC), Lina Khan, was confirmed and appointed on June 15, and has already moved to kick-start agency action on a number of fronts, including on both Commission...more
Companies subject to the California Consumer Privacy Act (CCPA) are required to update their online privacy policies “at least once every 12 months,” as detailed in the statute. For many companies that updated their CCPA...more
On June 8, 2021, the Colorado Legislature passed the Colorado Privacy Act (CPA or “Act”), moving Colorado close to becoming the third state in the nation with its own omnibus privacy law, joining California and Virginia. If...more
The Federal Trade Commission (FTC) has been in the headlines this month, following a significant U.S. Supreme Court decision that curbs its authority to seek monetary relief in federal court cases. However, this setback is...more
In March 2021, with the passage of the Consumer Data Protection Act (CDPA), Virginia took its place as the second state to enact comprehensive data privacy legislation. Virginia follows California, where voters recently...more
On May 12, 2021, President Biden issued the long-expected Executive Order on Improving the Nation’s Cybersecurity (“EO” or “Order”). The EO comes amidst a series of high-profile cyber-attacks on the Nation and its critical...more
5/13/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cyber Crimes ,
Cybersecurity ,
Executive Orders ,
Federal Contractors ,
Information Technology ,
National Security ,
Private Sector ,
Reporting Requirements ,
Supply Chain