On April 22, 2025, the Federal Trade Commission’s (FTC) changes to the Children’s Online Privacy Protection Rule (COPPA Rule) were published in the Federal Register. The updates will go into effect on June 23, 2025, and...more
5/15/2025
/ Advertising ,
COPPA ,
Data Collection ,
Data Privacy ,
Data Retention ,
Data Security ,
Data-Sharing ,
Parental Consent ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Requirements ,
Transparency
The act of predicting what will become the dominating storyline of data privacy and cybersecurity in 2025 is a hazardous enterprise, as one is almost surely to get something wrong. Without fail, every year, regulators and the...more
1/6/2025
/ Artificial Intelligence ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Operational Resilience Act (DORA) ,
Enforcement Actions ,
EU ,
Machine Learning ,
PCI-DSS Standard ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws ,
Technology Sector ,
Web Tracking ,
Websites
On December 5, 2024, the Colorado Department of Law (Department) adopted an amended draft of its latest proposed Colorado Privacy Act (CPA) regulations. This set of amended regulations follows a public comment period that...more
12/11/2024
/ Colorado ,
Comment Period ,
Consumer Privacy Rights ,
Data Protection ,
Data Security ,
Legislative Agendas ,
Privacy Acts ,
Proposed Regulation ,
Proposed Rules ,
Regulatory Agenda ,
State Privacy Laws
CALIFORNIA -
On March 29, 2024, the amended California Consumer Privacy Act (CCPA) regulations will take effect. These regulations were originally slated to take effect in 2023, but a court ruling (that is being appealed)...more
1/11/2024
/ California ,
Colorado ,
Connecticut ,
Cybersecurity ,
Data Privacy ,
Data Protection Acts ,
Data Security ,
Florida ,
Montana ,
Oregon ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Reform ,
State and Local Government ,
State Privacy Laws ,
Texas ,
Virginia ,
Washington
This has been a busy year for privacy legislation, with dozens of states deliberating consumer privacy bills. Today, 13 states have their own consumer privacy laws, a tally that climbs to 15 if we include the health privacy...more
Following in the footsteps of Washington State’s My Health My Data Act, Nevada SB 370 and Connecticut SB 3 were both recently approved by their respective governors. As detailed below, the laws impose a number of new...more
On August 29, 2022, the Federal Trade Commission (FTC) filed a lawsuit against Kochava, Inc. alleging that Kochava engaged in unfair and deceptive practices by selling the “precise location information” of consumers. This...more
On May 27, 2022, the California Privacy Protection Agency (CPPA) released draft regulations (though still not yet part of a formal rulemaking process) that include what would be seismic changes to California Privacy Rights...more
6/2/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personally Identifiable Information ,
Proposed Rules ,
State Privacy Laws
On December 10, 2021, multiple media outlets, the Cybersecurity and Infrastructure Security Administration (CISA), and the director of cybersecurity at the National Security Agency (NSA) began alerting to a significant...more
12/13/2021
/ Corporate Counsel ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Data Security ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
National Security ,
National Security Agency (NSA) ,
Popular ,
Software
The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) recently issued a Ransomware Profile identifying steps organizations can take to prevent, respond to and recover from...more
9/24/2021
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Loss Prevention ,
Data Privacy ,
Data Protection ,
Data Security ,
NIST ,
Popular ,
Ransomware ,
Risk Management
On September 17, 2021, a panel of the Illinois Appellate Court for the First District issued a significant decision on the question of which statute of limitations apply to claims under the Illinois Biometric Information...more
9/22/2021
/ Appeals ,
Appellate Briefs ,
Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Data Security ,
Illinois ,
Informed Consent ,
Rules of Civil Procedure ,
Statute of Limitations