As anyone who uses the internet can attest, cookies banners pop up on almost every type of website and offer a dizzying and often annoying array of approaches and options to consumers. It is difficult to parse through what...more
4/11/2025
/ Advertising ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consent ,
Cookie Banners ,
Data Collection ,
Enforcement Actions ,
Honda ,
Opt-Outs ,
Privacy Laws ,
Websites
On September 29, 2024, California Governor Gavin Newsom signed AB 1824 into law, amending the California Consumer Privacy Act (CCPA) to require entities involved in corporate transactions, such as mergers and acquisitions,...more
12/9/2024
/ Acquisitions ,
Amended Legislation ,
California Consumer Privacy Act (CCPA) ,
Consent ,
Consumer Privacy Rights ,
Data Brokers ,
Data Collection ,
Data Sellers ,
Data-Sharing ,
Governor Newsom ,
Mergers ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws
New York may lead the charge on implementation of data excise taxes (i.e., “data mining taxes”) which will impose taxes on businesses that collect personal data. These data excise taxes primarily target large tech companies...more
What are the unique features concerning the processing of biometric data under the MHMDA?
The MHMDA defines “biometric data” very broadly. Specifically, biometric data is “data that is generated from the measurement or...more
On April 27, 2023, the Washington State governor signed into law the My Health My Data Act or the MHMDA. In spite of the onerous and at times confusing requirements of the MHMDA, the Washington Attorney General (AG) has only...more
1/30/2024
/ Compliance ,
Consent ,
Data Collection ,
Data Privacy ,
Data Subject Access Requests ,
Effective Date ,
Notice Requirements ,
Penalties ,
Personal Information ,
PHI ,
Privacy Laws ,
State Privacy Laws
On October 10, 2023, California Governor Gavin Newsom signed SB 362 into law. The “Delete Act” is intended to bridge a gap in consumer privacy rights – whereas the California Privacy Rights Act (the CPRA) grants consumers the...more
On September 21, 2023, the Colorado Division of Insurance adopted a Final Regulation implementing S.B. 21-169, the 2021 law governing Colorado-licensed insurers’ use of external consumer data and information sources (ECDIS),...more
11/30/2023
/ Algorithms ,
Anti-Discrimination Policies ,
Artificial Intelligence ,
Consumer Privacy Rights ,
Data Collection ,
Final Rules ,
Insurance Industry ,
Life Insurance ,
NAIC ,
Predictive Analytics ,
Risk Management ,
Underwriting
On June 16, 2023, Nevada Governor Joe Lombardo signed SB 370 into law. This new law is a consumer health data bill that is similar in many ways to Washington’s My Health My Data Act (MHMDA). SB 370, like most provisions of...more
On March 15, 2023, the Colorado Attorney General’s Office announced the finalization of the Regulations implementing the Colorado Privacy Act (CPA), which will take effect on July 1, 2023. Covered businesses that make use of...more
The Federal Trade Commission (“FTC”) has issued a policy statement addressing biometric technologies in a signal of enforcement actions to come: It states: “In light of the evolving technologies and risks to consumers, the...more
5/26/2023
/ Biometric Information ,
Data Collection ,
Data Privacy ,
Data Security ,
Enforcement ,
Enforcement Actions ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Policies and Procedures ,
Policy Statement ,
Risk Assessment ,
Unfair or Deceptive Trade Practices
“Precise Geolocation” has become a hot button issue in the privacy world with recent data privacy laws seeking to regulate the collection and processing of such information, including in California and Virginia. The...more
3/30/2023
/ California Consumer Privacy Act (CCPA) ,
Consumer Information ,
Data Collection ,
Federal Trade Commission (FTC) ,
Geolocation ,
Guidance Update ,
Location Data ,
Location Privacy ,
Mobile Apps ,
Mobile Devices ,
Privacy Concerns ,
Third-Party Service Provider
2023 will be yet another dynamic year for data privacy regulation. In addition to the data privacy laws in Virginia, Colorado, Utah, and Connecticut going into force this year, businesses also have to contend with the fact...more
In the last year, we continued to see a shift in the privacy landscape of the United States, including the passage of comprehensive privacy legislation in both Virginia and Colorado, while other states still have bills under...more
1/21/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
COPPA ,
Covered Entities ,
Data Collection ,
FERPA ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
International Data Transfers ,
Personal Information ,
Prior Express Consent ,
Proposed Legislation
What is a data protection impact assessment (DPIA)?
A data protection impact assessment or data protection assessment (DPIA) is a form of risk assessment that is designed to help organizations identify, analyze and...more
On November 3, 2020, Californians voted to pass Proposition 24, expanding and modifying the California Consumer Privacy Act (“CCPA”), which came into force on January 1, 2020. The new California Privacy Rights Act (“CPRA”)...more
Session Replay Software is a type of software typically utilized by businesses with consumer-facing websites. These businesses are typically very interested in making their website more interactive and responsive to consumer...more
Setting new precedent in the world of data, the FTC has found that the work product of ill-gotten data is no longer retainable by the developer. On January 11, 2021, the U.S. Federal Trade Commission (FTC) announced that it...more
3/18/2021
/ Algorithms ,
Biometric Information ,
Data Collection ,
Data Retention ,
Enforcement Actions ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Mobile Apps ,
Section 5 ,
Software ,
Software Developers ,
Unfair or Deceptive Trade Practices
On November 3, 2020, Californians voted to pass Proposition 24, expanding and modifying the California Consumer Privacy Act (“CCPA”), which came into force on January 1, 2020. The new California Privacy Rights Act (“CPRA”),...more