The European Union’s new AI Act (the Act) went into efect on 1 August 2024. The Act is the first-ever comprehensive law focused on artifcial intelligence and machine learning (collectively, AI). The Act impacts many...more
The US Securities and Exchange Commission (SEC), Division of Corporation Finance on June 24, 2024 issued five Compliance and Disclosure Interpretations (C&DIs) on its website to address questions raised by its requirement for...more
The US Securities and Exchange Commission has adopted amendments to Regulation S-P requiring entities under its remit to provide notice to individuals affected by certain types of data breaches. This adds yet another...more
The intersection of technology and commerce has given rise to a myriad of trends that are reshaping the way companies approach commercial contracts. From the retail industry to the broader market, the integration of...more
The world is witnessing a flurry of activity surrounding issues of data protection, cybersecurity, artificial intelligence (AI), and consumer privacy. According to the National Conference of State Legislators, some 40 US...more
The Federal Trade Commission (FTC) recently reached two settlements in actions against data brokers concerning their use of consumer location data and banning them from collecting, using, or selling consumer location data...more
With the flurry of new consumer privacy laws enacted in states across the country, it is vital for companies operating in multiple states to remain informed of this changing landscape in order to plan and execute their...more
The ever-evolving data privacy landscape continues to become more complex as new developments play out on the global stage. In the United States, a number of individual state laws have come into force, with more following in...more
With the lack of comprehensive federal consumer privacy legislation, states are charting an evolving course for businesses to follow when handling data and information about their customers. Led by California, several other...more
The US Federal Trade Commission (FTC or Commission) proposes expanding the Negative Option Rule to all subscription agreements. The FTC, in a 3-1 vote with Commissioner Christine S. Wilson (R) dissenting, published a notice...more
Since 2019, “buy now, pay later” (BNPL) loans have been a popular option among consumers and retailers alike. In the last few years, however, the BNPL industry has undergone explosive growth due, in large part, to increased...more
The INFORM ACT represents a legislative effort to protect consumers from unknowingly purchasing stolen, counterfeit, or unsafe consumer products from online sellers. With a June 27, 2023 compliance deadline, operators of...more
The need for privacy and cybersecurity compliance measures has become a paramount consideration as businesses become more digitally driven, data breaches become more publicized, and regulation continues to increase. Morgan...more
The California Consumer Privacy Act (CCPA) exemptions for employee and business-to-business (B2B) personal information have not been extended, further complicating the privacy regulatory landscape for businesses in...more
World events, such as the COVID-19 pandemic, have accelerated the need for business operations to grow more digitally reliant and driven. As the global network grows and becomes more interconnected, privacy and...more
9/15/2022
/ Biometric Information ,
Computer Fraud and Abuse Act (CFAA) ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Personal Information Protection Law (PIPL) ,
Popular
Businesses operating in California should follow the development of the California Consumer Privacy Rights Act regulations because, unless they are significantly modified, they are likely to once more place California on the...more
Utah has become the fourth state in the United States to pass a comprehensive consumer data privacy law—the most business-friendly state privacy law yet....more
The US Securities and Exchange Commission (SEC) recently proposed a comprehensive framework of cybersecurity-related rules and amendments for investment advisers and investment companies. Although advisers and funds may have...more
The US Federal Trade Commission (FTC) has settled charges brought against Fashion Nova, LLC (Fashion Nova) under Section 5(a) of the FTC Act for failure to publish negative product reviews on its website. This edition of...more
Welcome to the third post in our Spotlight series, where we talk with a leader in a particular field or emerging area of interest to technology and sourcing lawyers and professionals.
Kristin Hadgis is a partner in Morgan...more
The European Commission has finally approved two decisions on 28 June granting the United Kingdom the cherished status of having “adequate” data protection laws so that transfers of personal data from the European Union are...more
Virginia became the second state in the United States, after California, to pass a comprehensive data privacy law when the Virginia Consumer Data Protection Act (CDPA) passed both houses of the state legislature in February...more
6/15/2021
/ CDPA ,
Compliance Management Systems ,
Consumer Privacy Rights ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Collection ,
Data Controller ,
Data Management ,
Data Privacy ,
Data Protection ,
Electricity ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Virginia
Virginia is on track to become the second state in the United States to pass a comprehensive data privacy law after the Virginia Consumer Data Protection Act (CDPA) quickly passed both houses of Virginia’s state legislature...more
2/19/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Protection ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Agenda ,
State and Local Government
Despite the coronavirus (COVID-19) pandemic, the California attorney general intends to enforce the California Consumer Privacy Act (CCPA) beginning July 1, 2020, pending the anticipated approval from the California Office of...more
6/26/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Information Governance ,
Office of Administrative Law ,
Personal Data ,
Personally Identifiable Information ,
State and Local Government ,
State Attorneys General
With the July 1 enforcement of the California Consumer Privacy Act (CCPA) less than a month away, the state attorney general has finally submitted the final text of the proposed CCPA regulations to the California Office of...more
6/4/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Office of Administrative Law ,
Personal Data ,
Personally Identifiable Information ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General