On July 16, 2024, the California Privacy Protection Agency (CPPA) Board met to discuss advancing a substantial draft California Consumer Privacy Act (CCPA) rulemaking package to formal proceedings. The proposed...more
8/8/2024
/ Artificial Intelligence ,
California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Popular ,
State Privacy Laws
In the first half of 2024, seven new states—Kentucky, Maryland, Minnesota, Nebraska, New Hampshire, New Jersey, and Rhode Island—all enacted their takes on comprehensive privacy laws, bringing the total number of states with...more
On June 20, 2024, the United States District Court for the Northern District of Texas ordered the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) to vacate its guidance that had restricted...more
6/26/2024
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Popular ,
Texas ,
Web Tracking
On February 9, 2024, the California Third District Court of Appeals in Sacramento overturned a lower court order that postponed enforcement of the California Privacy Protection Agency’s (CPPA) newest rules. The decision...more
2/14/2024
/ California ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws
On December 8, 2023, the California Privacy Protection Agency (CPPA) Board discussed a draft of its forthcoming artificial intelligence (AI) regulations on automated decision making technology (ADMT). The proposed...more
12/19/2023
/ Artificial Intelligence ,
Automation Systems ,
California ,
California Privacy Protection Agency (CPPA) ,
Cybersecurity ,
Data Management ,
Data Protection ,
Machine Learning ,
Proposed Regulation ,
Regulatory Agenda ,
Regulatory Reform
New Requirements Include Identifying Specific Third Parties to Whom Businesses Disclose Data and Consent for Targeted Advertising to Teens -
Texas, Oregon, and Delaware are the latest states to join the growing landscape...more
7/24/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Delaware ,
Opt-Outs ,
Oregon ,
Personal Information ,
Privacy Laws ,
State Privacy Laws ,
Texas
In a shocking turn of events, a Superior Court for the County of Sacramento issued a ruling on June 30, 2023, enjoining the enforcement of the California Privacy Protection Agency’s (the “Agency’s”) California Privacy Rights...more
On July 1, 2023, the Colorado Privacy Act (ColoPA) and Connecticut Data Privacy Act (CTDPA) will go into effect, joining California and Virginia, whose data privacy laws are already in effect. Notably, while the California...more
6/29/2023
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Colorado ,
Connecticut ,
Consent ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws
On April 27, 2023, Washington State Governor Jay Inslee signed a far-reaching health privacy law entitled the “My Health My Data Act” (the Act), which extends protections to consumer health data collected by entities not...more
On January 27, 2023, the Colorado Attorney General’s (Colorado AG) office released the third version of its proposed draft rules (third draft) for the Colorado Privacy Act (ColoPA) based on public comments it received on...more
On December 21, 2022, the Colorado Attorney General’s office published an updated version of proposed draft rules (“modified draft rules”) to the Colorado Privacy Act (ColoPA), which revise the initial draft rules issued in...more
Utah is poised to become the fourth state to enact comprehensive consumer privacy legislation, following California, Virginia, and Colorado. Earlier this month, Utah's legislature passed the Utah Consumer Privacy Act (S.B....more
The California Privacy Protection Agency (CPPA), the newly formed state agency responsible for implementing the California Privacy Rights Act (CPRA), recently posted its first invitation for public comment on proposed...more
Recently, the Office of the Attorney General of California announced three major updates that 1) added to the California Consumer Privacy Act's (CCPA) opt-out rules related to the sale of personal information, 2) made it...more
7/27/2021
/ California ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government
Colorado may soon enter the national stage for its new privacy legislation. On June 8, 2021, Colorado's legislature passed the Colorado Privacy Act (SB21-190) (ColoPA). The bill was recently sent to the Colorado governor's...more
Apple recently announced that app developers must check a series of yes/no boxes that will generate a "nutrition label"-style summary of the app's privacy practices. This new summary, formally called "App Privacy," will be...more
On Election Day, November 3, 2020, California voters overwhelmingly voted in favor of Proposition 24—a ballot measure that creates the California Privacy Rights Act (CPRA). The CPRA revises and expands the California Consumer...more
On March 11, 2020, the California Attorney General issued further revisions to the proposed regulations implementing the California Consumer Privacy Act (CCPA)....more
Updates to Compliance Likely Required -
On February 10, 2020, the California Attorney General issued the proposed text of modified regulations implementing the California Consumer Privacy Act (CCPA). This draft is a...more
2018 promises to be an interesting year in the world of privacy and cybersecurity. In this article, we highlight a few of the most notable developments we expect this year, including major developments in Europe, changes and...more
1/30/2018
/ Article 29 Working Party (WP29) ,
Carpenter v US ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
NHTSA ,
Pending Legislation ,
Uber ,
US v Microsoft
On August 15, 2017, the Federal Trade Commission (FTC) announced that it had reached an agreement with Uber Technologies to settle allegations that the ride-sharing company had deceived consumers by failing to live up to its...more
On September 5, 2017, the Federal Trade Commission (FTC) announced that it and 32 state attorneys general had settled charges with Lenovo regarding the company's practice of pre-loading software on its laptops that...more
The last two months certainly have been eventful in the world of privacy. In this issue of The WSGR Data Advisor, we examine the Court of Justice of the European Union’s recent and highly significant Schrems decision that...more
11/20/2015
/ Comcast ,
Cybersecurity ,
EU ,
EU Data Protection Laws ,
Federal Trade Commission (FTC) ,
HIPAA Audits ,
PCI-DSS Standard ,
Schrems I & Schrems II ,
Securities and Exchange Commission (SEC) ,
Security and Privacy Controls ,
Technical Conference ,
US-EU Safe Harbor Framework
In this issue of The WSGR Data Advisor, we examine the FCC’s recent TCPA declaratory ruling and order addressing issues regarding calling and texting consumers, and discuss the new privacy, data security, and transparency...more
9/11/2015
/ Auto-Dialed Calls ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Declaratory Rulings ,
Department of Health and Human Services (HHS) ,
Drones ,
Electronic Medical Records ,
EU ,
FCC ,
Federal Trade Commission (FTC) ,
New Legislation ,
Online Privacy Protection Act ,
Security and Privacy Controls ,
TCPA ,
Technical Standards ,
Text Messages
On June 30, 2015, the Federal Trade Commission (FTC) announced the first two events of its new "Start with Security" business education initiative to provide additional guidance on data security best practices. The first...more