On February 12, 2025, the House Energy and Commerce Committee Chair Brett Guthrie (R-Ky) and Vice Chair John Joyce (R-Pa) announced the formation of 12-member working group tasked with developing comprehensive data privacy...more
2/20/2025
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Federal Data Privacy ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Personal Data ,
Proposed Legislation ,
Regulatory Agenda ,
State Privacy Laws ,
Working Groups
On November 12, 2024, the Consumer Financial Protection Bureau (CFPB) released a report examining the carve outs and limitations contained in comprehensive state privacy laws relating to financial institutions. In an...more
11/21/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Fair Credit Reporting Act (FCRA) ,
Financial Institutions ,
Gramm-Leach-Blilely Act ,
Open Banking ,
Personal Information ,
Regulatory Oversight ,
State Privacy Laws
On November 14, 2024, the California Privacy Protection Agency (“CPPA”), which is tasked with enforcing the California Consumer Privacy Act (the “CCPA”), announced it settled with two data brokers, Growbots, Inc. and UpLead...more
11/18/2024
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Management ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Personal Information ,
Registration Requirement ,
Regulatory Requirements ,
Settlement ,
State Privacy Laws ,
Statutory Violations
As part of a new enforcement initiative called “Operation AI Comply,” the FTC recently announced that it has brought the following five enforcement actions against businesses that use or sell AI tools in a manner that the FTC...more
On August 5, 2024, Illinois Governor J.B. Pritzker signed into law SB 2979, significantly amending the state’s Biometric Information Privacy Act (BIPA). This update represents a considerable decrease in the potential for...more
The California Privacy Protection Agency (“CPPA”) discussed at its July 16 meeting new enforcement focuses in addition to current goals. While the new focuses are largely in line with general trends, they also serve as a...more
The CFPB has launched the process for independent standard-setting bodies to receive formal recognition, as part of its efforts to shift towards open banking in the United States....more
Colorado has become the first state to pass legislation (SB24-205) regulating the use of artificial intelligence (AI) within the United States. This legislation is designed to address the influence and implications,...more
5/14/2024
/ Algorithms ,
Anti-Fraud Provisions ,
Artificial Intelligence ,
Bias ,
Colorado ,
Data Protection ,
Disclosure Requirements ,
Machine Learning ,
New Legislation ,
Non-Discrimination Rules ,
Personal Data ,
Regulatory Reform
In a regulatory filing, Reddit announced that the FTC is probing Reddit’s proposal to sell, license and share user-generated content with third parties to train artificial intelligence (AI) models. This move underscores the...more
This episode is part of our Cyber Adviser series, where we discuss emerging issues in the world of privacy and data security.
Today, our lawyers discuss new state consumer health data laws in Connecticut, Nevada, and...more
The FTC published guidance warning companies that “[i]t may be unfair or deceptive for a company to adopt more permissive data practices—for example, to start sharing consumers’ data with third parties or using that data for...more
On February 21st, the California Attorney General (AG) Rob Bonta announced a settlement with DoorDash for violations of the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA)...more
2/22/2024
/ Advertising ,
California ,
California Consumer Privacy Act (CCPA) ,
CalOPPA ,
DoorDash ,
Marketing ,
Mobile Apps ,
Personal Information ,
State and Local Government ,
State Attorneys General ,
Statutory Violations
On Thursday, February 8, the Federal Communications Commission (FCC) finalized its plan to ban robocalls that feature voices generated by artificial intelligence, aiming to stem the tide of AI-generated scams and...more
On November 14, 2023, the Colorado Division of Insurance’s AI insurance regulations went into effect. Colorado is now the first state in the nation to adopt regulations specifically aimed at insurance algorithms....more
The Colorado Department of Law (“DoL”) has published a shortlist of potential universal opt-out mechanisms (“UOOMs”). Beginning on July 1, 2024, companies will be required to allow consumers to opt out of the sale of their...more
On May 28, Texas became the sixth state this year to pass a comprehensive data protection law. Although the Texas Data Privacy and Security Act (“TDPSA”) is largely in line with the Virginia Consumer Data Protection Act and...more
As we have previously posted, it has been an active year on the state privacy law front. Indeed, the number of states with privacy laws is about to nearly double in a matter of months, with Iowa, Indiana, Montana, and...more
On March 15, the Colorado Attorney General’s Office finalized the Colorado Privacy Act regulations. ...more
In a landmark decision that will have widespread effects, the Illinois Supreme Court ruled that a claim accrues each time—rather than just the first time—that data is collected in violation of the Biometric Information...more
With Colorado joining California as the only other state with rules implementing a comprehensive privacy law, businesses and practitioners have been anxiously watching to see whether a California-compliant privacy policy...more
2022 proved to be an historic year for privacy and data security. Connecticut and Utah joined the list of states that have now passed comprehensive data privacy laws, bringing the total to five (5) states. For the first...more
On December 21, the Colorado Attorney General released a revised draft of the Colorado Privacy Act Rules....more
In early November, Pennsylvania amended its data breach notification law broadening the definition of personal information. The amendment adds “health insurance information” and “medical information” as data elements that...more
In a recent enforcement action against online alcohol delivery service Drizly and its CEO, James Rellas, the Federal Trade Commission (FTC) made clear its focus on data minimization and limitations on the secondary uses of...more
On October 1, 2022, the Colorado Attorney General‘s Office announced that it had submitted the first draft of its Rules implementing the Colorado Privacy Act....more