The Federal Trade Commission recently requested public comment from users of tech platforms. In particular, the impact the platforms may have on user speech. Input is sought -by May 21- on the extent to which tech firms are...more
3/11/2025
/ Censorship ,
Comment Period ,
Competition ,
Digital Platforms ,
Federal Trade Commission (FTC) ,
First Amendment ,
Online Platforms ,
Privacy Laws ,
Regulatory Agenda ,
Social Media ,
Technology Sector
Right of erasure (or “right to be forgotten”) has been selected by the European Data Protection Board as its priority enforcement topic for 2025. This work is being done under the “Coordinated Enforcement Framework” or “CEF.”...more
In the waning days of the Biden administration, the FTC published an update to its COPPA Privacy Rule. The status of this update, however, is unclear. The revisions to the rule were posted on the FTC website prior to the...more
The Oregon AG’s Office, along with the state’s Department of Justice, issued guidance late last year on how state laws apply to the ways businesses use AI. The guidance may be two months old, but the cautions are still...more
2/26/2025
/ Artificial Intelligence ,
Bias ,
Consumer Privacy Rights ,
Consumer Protection Laws ,
Data Privacy ,
Data Security ,
Oregon ,
Privacy Laws ,
State Privacy Laws ,
Technology Sector ,
Transparency
The New Jersey AG and the Division on Civil Rights’ new guidance on algorithmic discrimination explains how AI tools might be used in ways that violate the New Jersey Law Against Discrimination. The law applies to employers...more
2/24/2025
/ Algorithms ,
Artificial Intelligence ,
Automated Decision Systems (ADS) ,
Bias ,
Data Privacy ,
Discrimination ,
Employment Discrimination ,
Equal Employment Opportunity Commission (EEOC) ,
Hiring & Firing ,
New Guidance ,
New Jersey ,
State Attorneys General ,
State Labor Laws ,
State Privacy Laws ,
Technology Sector
The California privacy regulator recently settled with a data broker (Key Marketing Advantage LLC) that it alleged had violated the state’s data broker law. Under the Delete Act, data brokers must, among other things,...more
The Ninth Circuit continued the pause on California’s SB 976 (Protecting Our Kids from Social Media Addiction Act) as of late January 2025. The law was signed by Governor Newsom in September 2024, and challenged by NetChoice...more
Following a German case brought against the EU Commission, the EU General Court found that the Commission had made an improper transfer of personal information to the US. The plaintiff, a German citizen, alleged (among other...more
At the end of 2024 the Italian Data Protection Authority issued a 15 million euro fine in the first generative AI-related case brought under GDPR. According to Garante (the Italian authority), OpenAI trained ChatGPT with...more
1/29/2025
/ Artificial Intelligence ,
Bots ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
Italy ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements
It is hard to believe that another year is upon us! As we have done in years past (including 2023, 2022, 2021, 2020, 2019 and 2018), we have created a comprehensive resource of all our www.eyeonprivacy.com posts from 2024. As...more
1/22/2025
/ Artificial Intelligence ,
Biometric Information ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Online Safety for Children ,
Privacy Laws ,
Regulatory Agenda ,
Risk Management ,
Social Media ,
State Privacy Laws ,
Technology Sector ,
UK
The Colorado AG’s office adopted draft amendments to the Colorado Privacy Act rules last month. The adopted draft reflected input from the public to AG’s September 2024 version and addresses three key issues. First, on...more
New York has a new AI-related law which took effect January 1. The law regulates creation and use of digital replicas of an individual’s voice or likeness and is similar to those in California and Tennessee....more
1/7/2025
/ Artificial Intelligence ,
Artificial Reproduction ,
Cybersecurity ,
Innovative Technology ,
Machine Learning ,
New York ,
Privacy Laws ,
Regulatory Agenda ,
Risk Management ,
State Privacy Laws ,
Technology Sector
As 2024 came to a close, New York Gov. Hochul signed two bills (A8872A and S2376B) amending New York’s data breach law. The modifications change both what constitutes personal information under the law, as well as modifying...more
For those who send marketing texts, keep in mind the FCC one-to-one consent rule update. It has been getting some publicity, and takes effect January 27, 2025. As most are aware, TCPA requires getting consent before sending...more
The Federal Trade Commission recently settled complaints against two data brokers over their handling of consumers’ sensitive location information. The agency alleged that such practices constitute unfair practices. Under the...more
Are you ready for the next set of US state privacy laws going into effect? Delaware, Iowa, Nebraska, and New Hampshire are effective January 1, and New Jersey’s law go into effect two weeks later (January 15)....more
In the waning months of the current administration, the White House issued a memo setting forth actions focused on national security as directed in the AI Executive Order from last year. As a reminder, the order -while...more
12/17/2024
/ Artificial Intelligence ,
Biden Administration ,
Cybersecurity ,
Data Security ,
Executive Orders ,
Government Agencies ,
National Security ,
NIST ,
Privacy Laws ,
Regulatory Agenda ,
Technology Sector
In the fifth in our series of California developments, we turn to data broker obligations. There are two of note. First, the California privacy agency is moving forward Delete Act regulations it proposed earlier this year....more
In the fourth in our series of new CCPA regulations from California, we look at both cybersecurity audit obligations as well as the impact of the CCPA on the insurance industry. Cybersecurity Audits The proposed rules address...more
In the third in our series of new CCPA regulations from California, we look at obligations for conducting risk assessments under CCPA. CCPA had called on the California agency to promulgate rules to address such assessments,...more
In the second in our series of new CCPA regulations from California, we look at proposed rules for use of automated decisionmaking technology. As a reminder, CCPA discusses these technologies in relation to profiling, namely...more
12/12/2024
/ Artificial Intelligence ,
Automated Decision Systems (ADS) ,
California ,
California Consumer Privacy Act (CCPA) ,
Data Privacy ,
Legislative Agendas ,
Machine Learning ,
New Regulations ,
Personal Information ,
Privacy Laws ,
Privacy Policy ,
Regulatory Agenda ,
Risk Assessment ,
State and Local Government ,
State Privacy Laws ,
Technology
The California Privacy Protection Agency released proposed CCPA rules for a variety of topics in November, as well as announcing an investigative sweep for compliance with the Delete Act. Topics include the following, which...more
12/9/2024
/ Artificial Intelligence ,
Audits ,
Automated Decision Systems (ADS) ,
California ,
California Consumer Privacy Act (CCPA) ,
Comment Period ,
Cybersecurity ,
Data Brokers ,
Deadlines ,
Enforcement Actions ,
Insurance Industry ,
Legislative Agendas ,
Machine Learning ,
Privacy Laws ,
Proposed Rules ,
Regulatory Agenda ,
State Privacy Laws
The FTC updated its Negative Option Rule last month and gave it a new name to emphasize the expanded scope of programs to which it applies. It will now be the “Rule Concerning Recurring Subscriptions and Other Negative Option...more
The New York Attorney General’s Office recently settled with Albany ENT & Allergy Services over claims that the healthcare provider failed to protect over 200,000 consumers’ private health information. The claims stem from...more
The United Kingdom and the United States released a joint statement last month outlining plans focused on children’s online privacy. As indicated in the statement, they intend to engage national institutions and other...more