On January 16, 2025, the Federal Trade Commission (FTC) finalized amendments to the Children’s Online Privacy Protection Act (COPPA) Rule (Final Rule), which completes the process that started back in 2019 when the FTC sought...more
1/23/2025
/ Advertising to Minors ,
Amended Legislation ,
Consumer Privacy Rights ,
COPPA ,
Data Privacy ,
Data Retention ,
Federal Trade Commission (FTC) ,
Final Rules ,
Minors ,
Online Platforms ,
Personal Data ,
Personal Information ,
Privacy Laws ,
Privacy Notice Rule
On September 18, 2023, a U.S. District Court judge in the Northern District of California granted a preliminary injunction enjoining California’s attorney general from enforcing California’s California Age-Appropriate Design...more
9/26/2023
/ California ,
Communications Decency Act ,
COPPA ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Enforcement Actions ,
Governor Newsom ,
Intellectual Property Protection ,
New Legislation ,
Online Safety for Children ,
Popular ,
Preliminary Injunctions ,
Privacy Laws ,
Proposed Legislation
The FTC recently published a policy statement with its enforcement priorities for the misuse of biometric information. To be clear, there are no new federal laws that specifically regulate the collection or use of biometric...more
5/30/2023
/ Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Data Protection ,
Employees ,
Facial Recognition Technology ,
Federal Contractors ,
Federal Trade Commission (FTC) ,
FTC Act ,
Independent Contractors ,
Policy Statement ,
Section 5 ,
State Privacy Laws
The White House announced last Thursday its highly anticipated National Cybersecurity Strategy (NCS). Although largely aspirational and short on concrete plans, the 39-page NCS is the Biden administration’s most ambitious...more
3/9/2023
/ Biden Administration ,
Cloud Computing ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Financial Services Industry ,
Government Agencies ,
National Security
On December 19, 2022, the Federal Trade Commission (FTC) announced a settlement with Epic Games Inc. (Epic) over its wildly popular game “Fortnite.” The settlement requires Epic to pay $275 million in penalties to resolve...more
1/11/2023
/ Best Practices ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Online Gaming ,
Online Safety for Children ,
Personal Information ,
Risk Management
In this session, presenters will provide an overview of the current cybersecurity landscape, including the patchwork of state and national security requirements and common law negligence. The presenters will also provide an...more
12/22/2022
/ Best Practices ,
Continuing Legal Education ,
Cybersecurity ,
Data Privacy ,
Data Security ,
National Security ,
New Legislation ,
Privacy Laws ,
Proposed Legislation ,
Regulatory Agenda ,
Risk Management ,
Webinars
In September 2022, California Governor Gavin Newsom signed into law the California Age Appropriate Design Code Act (CAADCA). Beginning July 1, 2024, the act will require businesses that provide online services or features...more
12/16/2022
/ Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Governor Newsom ,
Impact Assessments ,
Mobile Apps ,
New Legislation ,
Online Gaming ,
Online Safety for Children ,
Privacy Laws ,
Regulatory Agenda ,
State Privacy Laws ,
Webinars
Will the FTC be the new vanguard for federal privacy laws about consumer data? The agency has expressed broad concerns about data handling, including lax data security, harm to children, discrimination and retaliation against...more
There is new hope for companies that transfer data from Europe to the United States that the return of a less administratively burdensome mechanism is on the horizon...more
10/17/2022
/ Biden Administration ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
Executive Orders ,
Foreign Intellgence ,
International Data Transfers ,
National Intelligence Agencies ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
Surveillance
Case Overview -
This week’s U.S. Securities and Exchange Commission enforcement cease-and-desist order (Order) In re App Annie Inc., out of the SEC’s San Francisco Regional Office, underscores the importance of taking...more
9/20/2021
/ Cease and Desist Orders ,
Civil Monetary Penalty ,
Cryptocurrency ,
Data Management ,
Data Privacy ,
Data Security ,
Intellectual Property Protection ,
Mobile Apps ,
Personal Information ,
Policies and Procedures ,
Regulation S-P ,
Securities and Exchange Commission (SEC)
When Apple announced that one of the major focuses of iOS 14 would be enhancing user privacy, many in the tech community had questions. How would these changes be rolled out? How would they affect not only the mobile...more
11/3/2020
/ Advertising ,
App Developers ,
Apple ,
Consent ,
Data Collection ,
Data Privacy ,
Data-Sharing ,
Disclosure ,
Mobile Apps ,
Online Privacy Protection Act ,
Online Safety for Children
In 2019, we published analysis to help tech and life sciences companies navigate U.S. tax law changes, an evolving IP landscape and new privacy regulations such as the California Consumer Privacy Act. We also tracked venture...more
1/8/2020
/ ABC Test ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Convertible Debt ,
Corporate Governance ,
Data Privacy ,
Debt Financing ,
Direct Listing ,
Diversity ,
Emerging Technology Companies ,
Employer Liability Issues ,
Foreign Tax Credits ,
Hiring & Firing ,
Independent Contractors ,
Intellectual Property Litigation ,
Intellectual Property Protection ,
Internal Revenue Code (IRC) ,
IRS ,
Life Sciences ,
Misclassification ,
New Guidance ,
Pharmaceutical Industry ,
Privacy Laws ,
Proposed Regulation ,
Proxy Season ,
Silicon Valley ,
Startups ,
Tax Credits ,
Tax Cuts and Jobs Act ,
Venture Capital ,
Withholding Tax ,
Woman Board Members
Eight Weeks and Counting to the Deadline. The California Consumer Privacy Act (CCPA) becomes effective on Jan. 1, 2020. With the compliance deadline rapidly approaching, the finish line seems farther away than ever. In this...more
11/7/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Privacy ,
Employee Privacy Rights ,
Human Resources Professionals ,
Personal Information ,
Privacy Laws ,
Private Right of Action ,
Public Comment
The Federal Trade Commission is putting more teeth into the multiyear compliance obligations of consent orders it enters into with companies to settle enforcement actions related to data breaches. The FTC recently issued a...more
5/30/2019
/ Best Practices ,
Consent Order ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Information Security ,
Personal Data ,
Risk Management ,
Security Risk Assessments ,
Vendor Contacts
In a highly anticipated ruling, the Illinois Supreme Court on January 25, 2019, held that plaintiffs who violated the Illinois Biometric Information Privacy Act — which regulates the collection of biometric information such...more
1/30/2019
/ Actual Injuries ,
Amusement Parks ,
Appeals ,
Article III ,
Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Fingerprints ,
IL Supreme Court ,
Injunctive Relief ,
Liquidated Damages ,
Parental Consent ,
Personally Identifiable Information ,
Private Right of Action ,
Putative Class Actions ,
Risk Mitigation ,
Standing ,
Statutory Violations
The Pennsylvania Supreme Court recently held that employers have “a legal duty to safeguard” the personal data of their employees which is stored on internet-accessible computer systems and that the economic loss doctrine...more
12/20/2018
/ Breach of Duty ,
Breach of Implied Contract ,
Class Action ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Storage ,
Duty to Protect ,
Economic Damages ,
Economic Loss Doctrine ,
Employer Liability Issues ,
Hackers ,
Identity Theft ,
Negligence ,
PA Supreme Court ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Reasonable Care ,
Remand ,
Reversal
What You Need to Know Now -
• The new law takes effect January 1, 2020, but there’s a lot to do so you need to start work now.
• The new law expands the definition of personal information and gives California consumers...more
7/17/2018
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Rights ,
Data Security ,
Data-Sharing ,
Disclosure Requirements ,
Enforcement ,
Governor Brown ,
Minors ,
New Legislation ,
Notice Requirements ,
Opt-In ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Right to Delete ,
Statutory Damages ,
Third-Party Service Provider ,
Vendors
The U.S. Court of Appeals for the Third Circuit has found that plaintiffs must show a causal connection between the theft of their personal information and the purported harm that they have suffered in order to survive a...more
7/13/2018
/ Appeals ,
Breach of Contract ,
Data Breach ,
Data Privacy ,
Data Security ,
Discovery ,
Dismissals ,
Economic Loss Doctrine ,
Former Employee ,
Fraudulent Charges ,
Hackers ,
Motion for Summary Judgment ,
Personally Identifiable Information ,
Property Theft ,
Putative Class Actions ,
Unjust Enrichment
The U.S. Court of Appeals for the Eleventh Circuit on June 6 issued its long-awaited decision in LabMD v. Federal Trade Commission, vacating a Federal Trade Commission cease and desist order directing LabMD to overhaul its...more
7/5/2018
/ Appeals ,
Cease and Desist Orders ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Rules of Civil Procedure ,
Federal Trade Commission (FTC) ,
LabMD ,
Popular ,
Reversal ,
Unfair or Deceptive Trade Practices
Overview (10. – 6.) -
10. The European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. It applies to the processing of “personal data” of EU citizens and residents (a/k/a “data...more
6/20/2018
/ Consent ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Subjects Rights ,
e-Discovery ,
Electronically Stored Information ,
Encryption ,
EU ,
EU Data Protection Laws ,
Exceptions ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Third-Party Service Provider
The U.S. Court of Appeals for the Second Circuit on Nov. 21, 2017, affirmed the dismissal of a putative class action alleging violations of the Illinois Biometric Information Privacy Act for failing to allege a material risk...more