AI capabilities are growing by the day, and with them, so are increasing government efforts to put in place guardrails, principles, and rules to govern the AI space. In May alone, Utah’s Artificial Intelligence Policy Act...more
On July 29, 2024, the FTC’s revised Health Breach Notification Rule (HBNR) takes effect. The Rule requires vendors of personal health records (PHRs) and related entities not covered by HIPAA to notify individuals, the FTC,...more
The year ahead promises to be busy on the state privacy front. As we’ve covered on this blog, states are continuing to fill the gap at the federal level by implementing comprehensive state laws that guarantee consumer privacy...more
The Federal Trade Commission (FTC) announced a Notice of Proposed Rulemaking (NPRM) to amend the Children’s Online Privacy Protection Act Rule (COPPA Rule). The COPPA Rule applies to operators of websites and online services...more
The California Privacy Protection Agency (CPPA) and California Office of Attorney General (OAG) are publicly pressing ahead with enforcement now that they have the authority to enforce the California Consumer Privacy Act...more
Google updated its privacy terms earlier this month, shifting away from offering many of its advertising services on a “service provider” basis. With the change, Google states that its Customer Match, Audience Partner API,...more
Indiana’s Consumer Data Protection Act advanced in the state legislature last week and now heads to Governor Eric J. Holcomb’s desk. The bill mirrors comprehensive privacy legislation enacted in Virginia, Utah, and Iowa,...more
On Wednesday, June 8, the California Privacy Protection Agency (CPPA) Board voted 4-0 (with one member absent) to initiate the CPRA rulemaking process based on the draft regulations released on May 27th prior to the Memorial...more
On Friday June 3, a bipartisan group of leaders from key House and Senate committees released a new “discussion draft” bill to establish nationwide standards for consumer privacy. The proposal (the American Data Privacy and...more
On Friday May 27, 2022, the California Privacy Protection Agency (CPPA) Board announced its next public meeting will be on June 8, 2022. The announcement simply stated the date of the meeting, that there are “some discussion...more
In guidance released last week, the New York State Office of the Attorney General urged businesses to incorporate safeguards to detect and prevent credential-stuffing attacks in their data security programs. The guidance...more
Last week, California’s Governor Gavin Newsom signed into law AB 694, which makes a few technical changes to the California Privacy Rights Act (CPRA). The relevant changes to the CPRA are summarized below....more
On September 22, the California Privacy Protection Agency (CPPA) issued an invitation for public comments as part of its first “preliminary” rulemaking activities. Established by the California Privacy Rights Act (CPRA)...more
On June 2, California Attorney General Xavier Becerra announced that he had submitted final CCPA regulations to the Office of Administrative Law (OAL) for review. The final regulations are substantively identical to the...more
6/3/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Privacy Laws ,
Proposed Regulation ,
State Attorneys General
The CCPA grants the California Attorney General (AG) the authority to enforce the CCPA starting on July 1, 2020. Last month, the AG confirmed no intention to delay that enforcement date due to the COVID-19 pandemic, despite...more
On Wednesday, the California Attorney General (AG) released a third draft of proposed CCPA regulations for public comment. The draft contains a series of technical corrections, along with a handful of substantive incremental...more
3/12/2020
/ Attorney General ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Popular ,
Privacy Laws ,
Proposed Regulation
The January 1, 2020 effective date of the California Consumer Privacy Act (CCPA) has come and gone, but questions about how to comply with the law show no hint of disappearing. As companies move past their efforts to comply...more
1/8/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Private Right of Action ,
Right to Delete
In exactly two months, the California Consumer Privacy Act (CCPA) takes effect. Many businesses are devoting resources to timely comply, but between the late rollout of the Attorney General’s draft regulations, recent...more
11/1/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Popular ,
Privacy Laws ,
Private Right of Action
On Friday, California Governor Gavin Newsom signed seven legislative proposals to amend the California Consumer Privacy Act (CCPA), marking the end of a nearly-yearlong process to make changes to the new privacy law before it...more
10/14/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Governor Newsom ,
Opt-Outs ,
Personal Information ,
Privacy Laws
On Thursday, California Attorney General Xavier Becerra released draft regulations implementing the California Consumer Privacy Act (CCPA). The regulations provide the first glimpse into how the Attorney General interprets...more
Last week, the California legislature voted to send five amendments to the CCPA to the California governor’s desk. The amendments include a one-year exemption for access and deletion rights to employee data and B2B...more
9/16/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Popular ,
Privacy Laws ,
Right to Delete
This week marks the final opportunity for California lawmakers to amend the CCPA before the legislative session closes on Friday, September 13th. The legislative posture of the amendments changed last Friday, when the Senate...more
Amendments to the California Consumer Privacy Act (CCPA) continued to advance on Monday, as the California legislature returned from its summer recess. With just five weeks to go until the September 13th deadline for the...more
Even in her extensive dissent, FTC Commissioner Rebecca Slaughter labeled the Order “exceptional.”
And it is. The terms of the Federal Trade Commission’s (FTC) $5 billion, twenty-year settlement Order reached with...more
Seven amendments to the California Consumer Privacy Act (CCPA) are one step closer to becoming law after the California Senate Committee on the Judiciary voted to advance the legislation earlier this month....more