On February 21, 2025, representatives in the California legislature introduced California Assembly Bill 1355, also known as the California Location Privacy Act (“AB 1355”). AB 1355 seeks to amend the California Consumer...more
3/13/2025
/ California ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Enforcement ,
Location Data ,
Location Privacy ,
Prior Express Consent ,
Proposed Legislation ,
Regulatory Agenda ,
State Attorneys General ,
State Privacy Laws
On February 12, 2025, the House Energy and Commerce Committee Chair Brett Guthrie (R-Ky) and Vice Chair John Joyce (R-Pa) announced the formation of 12-member working group tasked with developing comprehensive data privacy...more
2/20/2025
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Federal Data Privacy ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Personal Data ,
Proposed Legislation ,
Regulatory Agenda ,
State Privacy Laws ,
Working Groups
On January 6, 2025, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) published a Notice of Proposed Rulemaking (“NPRM”) to amend the Health Insurance Portability and Accountability Act...more
1/14/2025
/ Comment Period ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Security Rule ,
NPRM ,
OCR ,
Patient Privacy Rights ,
Public Comment ,
Regulatory Agenda ,
Regulatory Reform ,
Risk Management
In today’s podcast episode, we’re joined by Alex Johnson, Founder of Fintech Takes, and Paige Paridon, Senior Vice President, Senior Associate General Counsel & Co-Head of Regulatory Affairs at Bank Policy Institute, to take...more
The Dutch Data Protection Authority (the “Dutch DPA”) issued a €4.75 million (approximately $5 million USD) fine on Netflix in connection with a data access investigation that started in 2019. The investigation arose out of...more
On December 3, 2024, the Consumer Financial Protection Bureau (CFPB) published its long anticipated proposed rule aimed at regulating data brokers under the Fair Credit Reporting Act (FCRA). Although the CFPB’s future is...more
On December 5, 2024, the Colorado Department of Law adopted amended rules to the Colorado Privacy Act (CPA)....more
On November 7, 2024, Michigan lawmakers in the Senate introduced the Reproductive Data Privacy Act (“RDPA”), also known as Senate Bill 1082 (SB 1082). The bill aims to strengthen privacy protections for sensitive...more
On November 12, 2024, the Consumer Financial Protection Bureau (CFPB) released a report examining the carve outs and limitations contained in comprehensive state privacy laws relating to financial institutions. In an...more
11/21/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Fair Credit Reporting Act (FCRA) ,
Financial Institutions ,
Gramm-Leach-Blilely Act ,
Open Banking ,
Personal Information ,
Regulatory Oversight ,
State Privacy Laws
On November 14, 2024, the California Privacy Protection Agency (“CPPA”), which is tasked with enforcing the California Consumer Privacy Act (the “CCPA”), announced it settled with two data brokers, Growbots, Inc. and UpLead...more
11/18/2024
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Management ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Personal Information ,
Registration Requirement ,
Regulatory Requirements ,
Settlement ,
State Privacy Laws ,
Statutory Violations
On October 22, 2024, the Consumer Financial Protection Bureau (“CFPB”) issued its final rule implementing Section 1033 of the Dodd-Frank Act (the “Final Rule” or the “Open Banking Rule”), granting consumers greater access...more
10/25/2024
/ Banks ,
Consumer Data Requests ,
Consumer Financial Products ,
Consumer Financial Protection Bureau (CFPB) ,
Data Management ,
Depository Institutions ,
Dodd-Frank ,
Final Rules ,
Financial Regulatory Reform ,
Financial Services Industry ,
Open Banking ,
Regulation E ,
Regulation Z ,
Right of Access
On October 22, 2024, the Consumer Financial Protection Bureau (“CFPB”) issued its final rule implementing Section 1033 of the Dodd-Frank Act (the “Final Rule” or the “Open Banking Rule”), granting consumers greater access...more
10/24/2024
/ Consumer Data Requests ,
Consumer Financial Products ,
Consumer Financial Protection Bureau (CFPB) ,
Data Management ,
Dodd-Frank ,
Final Rules ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
Open Banking ,
Popular
As part of a new enforcement initiative called “Operation AI Comply,” the FTC recently announced that it has brought the following five enforcement actions against businesses that use or sell AI tools in a manner that the FTC...more
On August 5, 2024, Illinois Governor J.B. Pritzker signed into law SB 2979, significantly amending the state’s Biometric Information Privacy Act (BIPA). This update represents a considerable decrease in the potential for...more
The State of Texas and Meta Platforms Inc. (“Meta”) have agreed to a $1.4 billion settlement, to be paid out over five years, to resolve claims relating to Meta’s alleged use of facial recognition technology without user...more
8/1/2024
/ Biometric Information ,
Biometric Information Privacy Act ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Facial Recognition Technology ,
Personal Data ,
Personally Identifiable Information ,
Settlement
This episode is part of our Cyber Adviser series, where we discuss emerging issues in the world of privacy and data security.
Today, we’re joined by Paolo Sbuttoni, a partner at Foot Anstey with years of experience...more
The California Privacy Protection Agency (“CPPA”) discussed at its July 16 meeting new enforcement focuses in addition to current goals. While the new focuses are largely in line with general trends, they also serve as a...more
The CFPB has launched the process for independent standard-setting bodies to receive formal recognition, as part of its efforts to shift towards open banking in the United States....more
In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more
Minnesota becomes the latest state to move to pass legislation regulating the processing and controlling of personal data (HF 4757 / SF 4782). If signed into law by Governor Tim Walz, the Minnesota Consumer Data Privacy Act,...more
Colorado has become the first state to pass legislation (SB24-205) regulating the use of artificial intelligence (AI) within the United States. This legislation is designed to address the influence and implications,...more
5/14/2024
/ Algorithms ,
Anti-Fraud Provisions ,
Artificial Intelligence ,
Bias ,
Colorado ,
Data Protection ,
Disclosure Requirements ,
Machine Learning ,
New Legislation ,
Non-Discrimination Rules ,
Personal Data ,
Regulatory Reform
In a regulatory filing, Reddit announced that the FTC is probing Reddit’s proposal to sell, license and share user-generated content with third parties to train artificial intelligence (AI) models. This move underscores the...more
The UN General Assembly has adopted a landmark resolution focusing on the safe, secure, and trustworthy use of Artificial Intelligence (AI). This resolution, led by the United States and supported by over 120 Member States,...more
3/28/2024
/ Algorithms ,
Artificial Intelligence ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Intellectual Property Litigation ,
Intellectual Property Protection ,
International Data Transfers ,
Machine Learning ,
Member State ,
Personal Data ,
Risk Management ,
United Nations
This episode is part of our Cyber Adviser series, where we discuss emerging issues in the world of privacy and data security.
Today, our lawyers discuss new state consumer health data laws in Connecticut, Nevada, and...more
On March 7, 2024, a bipartisan coalition of 43 state attorneys general sent to the Federal Trade Commission (“FTC”) a letter urging the FTC to update the regulations (“COPPA Rules”) implementing the Children’s Online Privacy...more
3/14/2024
/ COPPA ,
Data Collection ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Mobile Apps ,
Online Safety for Children ,
Parental Consent ,
Personal Information ,
Personally Identifiable Information ,
State Attorneys General ,
Websites