On March 12, 2025, the California Privacy Protection Agency (CPPA) announced a settlement with American Honda Motor Co., resolving allegations that the company violated the California Consumer Privacy Act (CCPA) and requiring...more
3/17/2025
/ Automotive Industry ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cookies ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data-Sharing ,
Enforcement Actions ,
Honda ,
Personal Information ,
Statutory Violations
A New York health privacy law has moved quickly through both chambers of the state legislature and is up for review by Governor Kathy Hochul. The New York Health Information Privacy Act (“NYHIPA”) bears striking resemblance...more
With the new year just around the corner and eight new privacy laws coming online next year, December is an excellent time for companies to assess their data collection and processing practices, and take stock of any changes...more
Under many circumstances, state privacy laws require businesses to pass a consumer’s valid deletion request to any entity that processes the data on behalf of the business or otherwise is a recipient of the data. These...more
On November 8, the California Privacy Protection Agency (CPPA) voted 5-0 to approve new regulations to implement the DELETE Act of 2023. The most noteworthy development was the agency’s adoption of a new definition of...more
The California Privacy Protection Agency (CPPA) has signaled it will advance rulemaking at its upcoming November 8 board meeting to place restrictions on the use of automated decision-making technology (ADMT) and impose new...more
AI capabilities are growing by the day, and with them, so are increasing government efforts to put in place guardrails, principles, and rules to govern the AI space. In May alone, Utah’s Artificial Intelligence Policy Act...more
U.S. privacy developments are moving quickly, but health data privacy is racing forward. Companies that come into contact with consumers’ health data need to track and respond to a variety of developments. Most notably, these...more
New Jersey and New Hampshire are the first states out of the gate in what promises to be another busy year in state privacy legislation.
On January 16, New Jersey Governor Phil Murphy signed the New Jersey Data Privacy...more
The year ahead promises to be busy on the state privacy front. As we’ve covered on this blog, states are continuing to fill the gap at the federal level by implementing comprehensive state laws that guarantee consumer privacy...more
The California Privacy Protection Agency (CPPA) and California Office of Attorney General (OAG) are publicly pressing ahead with enforcement now that they have the authority to enforce the California Consumer Privacy Act...more
Two years ago this month, the state of Colorado joined California and Virginia in the passage of broad consumer protection legislation when the Colorado Privacy Act (CPA) was signed into law....more
Absent a veto by Governor Jay Inslee, My Health My Data (MHMD) will become law and go into effect on March 31, 2024. While the 2023 state legislative season may see the addition of four comprehensive privacy laws (Iowa,...more
Just two months before the effective date (January 1, 2023) of the California Privacy Rights Act (“CPRA”), the California Privacy Protection Agency (“CPPA”) Board met on October 28 and 29 to discuss revisions to the agency’s...more
11/7/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information
Warning that “[t]here are no more excuses,” California Attorney General on August 24, announced the first public settlement under the California Consumer Privacy Act (CCPA). The settlement order, which the court approved on...more
On August 11, the FTC finally launched its “commercial surveillance and data security” rulemaking after many months of hype and speculation about the FTC’s ability to address consumer privacy through its “Mag-Moss” rulemaking...more
On Wednesday, June 8, the California Privacy Protection Agency (CPPA) Board voted 4-0 (with one member absent) to initiate the CPRA rulemaking process based on the draft regulations released on May 27th prior to the Memorial...more
On Friday May 27, 2022, the California Privacy Protection Agency (CPPA) Board announced its next public meeting will be on June 8, 2022. The announcement simply stated the date of the meeting, that there are “some discussion...more
On Tuesday, Connecticut became the fifth state to pass comprehensive privacy legislation when Governor Ned Lamont signed “An Act Concerning Personal Data Privacy and Online Monitoring” into law. Connecticut joins California,...more
Last week, the Attorney General Alliance hosted a seminar to address the Colorado Privacy Act (CPA)—what it does and how to prepare for its July 1, 2023 effective date. The seminar featured a discussion with the bill’s...more
In guidance released last week, the New York State Office of the Attorney General urged businesses to incorporate safeguards to detect and prevent credential-stuffing attacks in their data security programs. The guidance...more
As we’ve all been following in the news, the House reconciliation bill to fund “human infrastructure” is still mired in negotiations, ever on the verge of either passing to monumental fanfare, or cratering in failure. Tucked...more
Last week, California’s Governor Gavin Newsom signed into law AB 694, which makes a few technical changes to the California Privacy Rights Act (CPRA). The relevant changes to the CPRA are summarized below....more
During last month’s California Privacy Protection Agency Board (CPPA) meeting, the only substantive agenda item, addressed in closed session, was a discussion of two key appointments: the first Executive Director and a Chief...more
Last week, we wrote about FTC Chair Khan’s memo describing her plans to transform the FTC’s approach to its work. This week, she followed up with a no-less-ambitious statement laying out her vision for data privacy and...more