On April 22, 2025, the Federal Trade Commission published in the Federal Register the amendments to the Children’s Online Privacy Protection Act (COPPA) rule it announced on January 16, 2025. ...more
Key Takeaways -
- The California Privacy Protection Agency (CPPA) is substantially revising its draft privacy regulations.
- Definitions for automated decision-making technology (ADMT) and "significant decisions" are...more
4/14/2025
/ Algorithms ,
Automated Decision Systems (ADS) ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Data Privacy ,
Personal Information ,
Proposed Rules ,
Regulatory Reform ,
Risk Assessment ,
Rulemaking Process ,
Technology Sector
As we close out the first quarter of 2025, one thing is unmistakable: California’s regulatory efforts continue to center on data brokers.
So far this year, the California Privacy Protection Agency (CPPA) proposed...more
The Federal Trade Commission (FTC or Commission) announced long-awaited amendments to the Children’s Online Privacy Protection Act Rule (COPPA Rule) on January 16, 2025, marking the first changes to the COPPA Rule since 2013....more
The chair of the U.S. Senate Committee on Commerce, Science, and Transportation, Maria Cantwell (D-WA), and the chair of the U.S. House Committee on Energy and Commerce, Cathy McMorris Rodgers (R-WA), released a discussion...more
4/22/2024
/ Algorithms ,
Artificial Intelligence ,
Biden Administration ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement ,
FTC Act ,
Legislative Agendas ,
Machine Learning ,
New Legislation ,
Preemption ,
Privacy Laws ,
Technology
The Federal Trade Commission (FTC) gave privacy lawyers a long-awaited Christmas gift on December 20, 2023: its notice of proposed rulemaking (NPRM) to amend the Children’s Online Privacy Protection Act (COPPA) Rule. The NPRM...more
1/8/2024
/ Biometric Information ,
COPPA ,
Data Collection ,
Data Retention ,
Data Security ,
Disclosure Requirements ,
Federal Trade Commission (FTC) ,
Notice Requirements ,
NPRM ,
Online Safety for Children ,
Personal Information ,
Privacy Laws ,
Public Comment ,
Regulatory Agenda ,
Regulatory Reform ,
Technology
Just a few years ago, the legal landscape governing health-related personal information was relatively simple: Protected Health Information (PHI) was regulated under Health Insurance Portability and Accountability Act...more
After years out of circulation, class-action lawsuits asserting claims under the Video Protection Privacy Act (VPPA) are now back in reruns. But early critical assessment is mixed, so it remains to be seen whether VPPA-driven...more
On March 2, 2023, following a 4-0 vote, the Federal Trade Commission announced a complaint and proposed consent order with BetterHelp, Inc., an online counseling platform that allegedly disclosed consumer health data to...more
3/8/2023
/ Advertising ,
Consumer Protection Laws ,
Corporate Counsel ,
Data Privacy ,
Data-Sharing ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Personal Information ,
Settlement ,
Technology
The Colorado attorney general’s office sent shockwaves throughout the privacy world on September 30, 2022, when it published its proposed Colorado Privacy Act (CPA) draft rules (Draft Rules). The Draft Rules are complex and...more
10/17/2022
/ Biometric Information ,
California ,
California Privacy Rights Act (CPRA) ,
Colorado ,
Consent ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Controller ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Data ,
Privacy Laws ,
Proposed Rules ,
Technology Sector
The Federal Trade Commission (FTC) released an advance notice of proposed rulemaking (ANPRM) on “Commercial Surveillance and Data Security” on August 11, 2022. The ANPRM, approved on a 3-2 party-line vote, is the initial step...more
8/17/2022
/ Administrative Procedure Act ,
Advanced Notice of Proposed Rulemaking (ANPRM) ,
Algorithms ,
COPPA ,
Data Security ,
Discrimination ,
Federal Trade Commission (FTC) ,
Privacy Laws ,
Rulemaking Process ,
Surveillance ,
Technology Sector
On May 19, 2022, at the Federal Trade Commission’s (FTC) first open meeting since the confirmation of Commissioner Alvaro Bedoya, the FTC unanimously approved two documents that signal its intention to strengthen its...more
5/25/2022
/ COPPA ,
Data Collection ,
Data Retention ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
FTC Endorsement Guidelines ,
Online Safety for Children ,
Personal Information ,
Policy Statement ,
Proposed Amendments
Through its newly launched Center for Industry Self-Regulation (CISR), BBB National Programs announced last week the launch of the TeenAge Privacy Program (TAPP). The TAPP introduces a proposed self-regulatory framework that...more
A new California privacy ballot initiative has been introduced by real estate developer and privacy rights advocate, Alastair Mactaggart. This new ballot initiative, titled The California Privacy Rights and Enforcement Act of...more
Beyond preparing for this year’s holiday rush, retailers around the country have started thinking about potential changes to their operations in response to California’s sweeping new consumer privacy law. The California...more
10/26/2018
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Disclosure Requirements ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy
The European Union’s top court ruled last week that the operator of a Facebook fan page is a “joint controller,” along with Facebook, with respect to personal data collected on such pages. The decision has implications for...more
6/12/2018
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Collection ,
Data Controller ,
Data Protection Authority ,
EU ,
Facebook ,
General Data Protection Regulation (GDPR) ,
Germany ,
Personal Data ,
Third-Party Service Provider
The Court of Justice of the European Union (CJEU) issued its landmark decision in Maximillian Schrems v. Data Protection Commissioner on October 6, 2015, ultimately invalidating the U.S.-EU Safe Harbor Framework.
Under...more
10/8/2015
/ Corporate Counsel ,
Cybersecurity ,
Data Protection Authority ,
Edward Snowden ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Popular ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework ,
Young Lawyers
To improve customer experience and understand customers’ movements and interactions on their premises, retailers, hotels and other brick-and-mortar businesses increasingly use signals from mobile devices to observe their...more
5/11/2015
/ Analytics ,
Data Collection ,
Federal Trade Commission (FTC) ,
Mobile Devices ,
Persistent Identifiers ,
Popular ,
Privacy Policy ,
Retailers ,
Startups ,
Technology ,
Wi-Fi Hotspot
Privacy and data security are high priorities of the Federal Communications Commission (FCC) under the leadership of Chairman Tom Wheeler. In addition to significant enforcement actions against AT&T and TerraCom/YourTel that...more
In this installment of “Perkins Coie Wrapping Papers,” we take inspiration from “The Twelve Days of Christmas” to provide an overview of the top twelve privacy and data security issues retailers should consider as the year...more
The FCC last week issued two declaratory rulings interpreting the Telephone Consumer Protection Act (TCPA). While the rulings in each are limited to the specific requests set forth in the petitions, they include broad...more
New California Requirements Regarding "Do Not Track" Transparency and Advertising to Minors Have Substantial Effects on Advertisers, Ad Tech Companies, Website Publishers and App Developers -
California recently...more
On July 1, 2013 the FTC’s amended COPPA Rule went into effect....more
Even as efforts to achieve industry-wide consensus on Do Not Track appear to be stalling, self-regulatory associations are forging ahead with their own rules governing online and mobile data collection....more
On Tuesday, July 16, 2013 the Tracking Protection Working Group of the World Wide Web Consortium (W3C) rejected a proposal put forward by the Digital Advertising Alliance (DAA) to reframe the activity covered by Do Not Track...more