On January 16, 2025, the Federal Trade Commission finalized changes to the Children's Online Privacy Protection Act (COPPA) Rule. ...more
1/31/2025
/ Amended Rules ,
Consent ,
Consumer Privacy Rights ,
COPPA ,
Data Privacy ,
Data Protection ,
Data Retention ,
EdTech ,
Federal Trade Commission (FTC) ,
Online Platforms ,
Online Safety for Children ,
Parental Consent ,
Privacy Laws ,
Websites
Since the passing of the California Consumer Privacy Act (CCPA) in 2018, California has led the nation in privacy regulation and enforcement. But, beginning July 1, 2024, Texas will be the new sheriff in town....more
On March 31, 2024, the Washington My Health My Data Act (MHMDA), a comprehensive consumer health privacy law, will come into force. Small businesses – defined as those processing consumer health data of fewer than 100,000...more
3/29/2024
/ Advertising ,
Consent ,
Consumer Privacy Rights ,
Data Privacy ,
Exemptions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Notice Requirements ,
Patient Privacy Rights ,
Personal Data ,
PHI ,
Popular ,
Small Business ,
State Privacy Laws ,
Wellness Programs
On 13 April 2021, the British Virgin Islands (“BVI” or “Virgin Islands”) became the latest jurisdiction to enact a comprehensive information privacy law when the territory published the Data Protection Act, 2021 (the “DPA...more
5/5/2021
/ British Virgin Islands ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Acts ,
Data Retention ,
Data Security ,
Data Subjects Rights ,
Data Transfers ,
Notice Requirements ,
Personal Data ,
Privacy Laws ,
Private Right of Action
On 21 April 2021, the European Commission unveiled a proposal for an EU Artificial Intelligence Regulation (“Proposal”). The Proposal recognizes that AI offers significant benefits and opportunities for the EU market, but...more
4/27/2021
/ Artificial Intelligence ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Distributors ,
EU ,
European Commission ,
Fines ,
Importers ,
Member State ,
Proposed Regulation ,
Recordkeeping Requirements ,
Registration Requirement ,
Regulatory Oversight ,
Transparency
Corporate Social Responsibility (“CSR”) and Environmental, Social, and Governance (“ESG”) practices have increasingly become priorities for many organizations as they assess their obligations to their employees, customers,...more
4/21/2021
/ Best Practices ,
Business Strategies ,
Consumer Privacy Rights ,
Corporate Social Responsibility ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subjects Rights ,
Environmental Social & Governance (ESG) ,
Information Governance ,
Policies and Procedures
On March 2, 2021, Virginia enacted the Consumer Data Protection Act (“VCDPA”). The VCDPA will become effective January 1, 2023. The VCDPA shares its roots with the California Consumer Protection Act (“CCPA”) and the recently...more
3/9/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Acts ,
Data Security ,
Data Sellers ,
Data-Sharing ,
Enforcement Actions ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Sensitive Personal Information
NEW YORK STATE LEGISLATURE PROPOSES BIOMETRIC PRIVACY ACT -
On January 6, 2021, the New York state legislature proposed the Biometric Privacy Act (AB 27) to regulate the collection of biometric information by companies...more
The world is facing a significant public health crisis that requires a strong response and common approach. Governments and scientists around the world are relying on automated data processing and digital technologies as part...more
On June 28, California enacted AB 375, the California Consumer Privacy Act (CCPA). The CCPA grants expansive consumer privacy protections including data privacy rights similar to those provided by the EU General Data...more
The European Union’s highest court has, effective immediately, invalidated the US-EU Safe Harbor program relied upon by many companies as the basis for lawfully transferring and processing personal information from the EU to...more
10/8/2015
/ Anonymization ,
Binding Corporate Rules ,
Data Controller ,
Data Localization Law ,
Data Privacy ,
Data Processors ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Germany ,
Informed Consent ,
International Data Transfers ,
National Security Agency (NSA) ,
Personal Data ,
Prior Express Consent ,
SCC ,
Schrems I & Schrems II ,
Surveillance ,
US-EU Safe Harbor Framework