Pennsylvania is considering its own state privacy law, joining California and a host of other U.S. states.
Rep. Edward Neilson (D-174) is sponsoring H.B 1201. The bill was referred to the Pennsylvania House of...more
The White House recently published a fact sheet for President Biden’s Executive Order on Artificial Intelligence.
What does this mean to companies in the private sector? And what does it mean for your privacy compliance?...more
The Massachusetts Gaming Commission recently approved new Sports Wagering Data Privacy Rules that will likely require companies to implement new policies to protect their customer’s personal information.
The rules, which...more
The Superior Court of California, County of Sacramento recently issued an order delaying the enforcement of newly enacted California Privacy Rights Act (CPRA) regulations until March 29, 2024, one year from the date they were...more
The European Parliament has voted against a U.S. adequacy decision under the proposed EU-U.S. Data Privacy Framework.
Why?
•Bulk collection: The framework still allows for bulk collection of personal data in certain cases...more
The European Data Protection Board (EDPB) has issued a long-awaited opinion on the EU-US Data Privacy Framework.
Here are some key takeaways:
The scope of the exemptions to the adherence to the principles, including on the...more
“The times they are a-changin’,” Bob Dylan sang almost 60 years ago. And when it comes to consumers’ reasonable expectations of privacy, they are still a-changin.
I recently participated in a panel hosted by Usercentrics...more
Here is a look at some of the data privacy issues President Joe Biden outlined in his 2023 State of the Union.
Protect Kids Online-
•Platforms and other interactive digital service providers should be required to...more
The California Privacy Protection Agency (CPPA) has issued a Final Statement of Reasons for amended California Consumer Privacy (CCPA) regulations.
Key Points:
The amendments were “necessary” (used 135 times), just...more
What do you need to know about the latest revisions to the Colorado CPA Rules?
Some key points:
Universal Opt-Out Mechanism (UOOM)-
•The Universal Opt-Out Mechanism does not need to be tailored only to Colorado or refer...more
Data Privacy Day is this weekend. Here are some tips and pointers individuals and businesses should keep in mind going forward.
1. Transparency is front and center for regulators in the United States and Europe, so if...more
A new Washington State bill works to close the gap between consumer knowledge and industry practice by providing stronger privacy protections for all Washington consumers’ health data....more
Colorado Attorney General Phil Weiser has published revisions to the Colorado Privacy Act rules, as well as some additional questions for public feedback.
His questions include:
What are the pros and cons of using IP...more
The United States is adequate, at least according to a draft opinion on the EU-U.S. Data Privacy Framework. Here is a look at what the opinion says, and what U.S. companies involved in EU-U.S. transfers should be doing now....more
What do you need to know about the changes in the new, new, new, new, new CPRA Regs?
1.your good faith efforts to comply count-
2.data minimization (reasonably necessary and proportionate) for the win, in almost any...more
Sixth in a series of articles on the Colorado Privacy Act draft rules.
There is a lot to know about Colorado’s draft rules regarding the Colorado Privacy Act, which was enacted in July 2021.
This alert takes a look at...more
“When a consumer permits their private data to be used by a company for a specific purpose, it is not a free pass for a firm to exploit the data for other uses, no matter what the legal mouse-print may say,” Rohit Chopra, the...more
Colorado has released draft rules to supplement the Colorado Privacy Act, which was enacted in July 2021.
Generally, the rules reflect the obligations that were expected from the use of language similar to that in the...more
The California Privacy Rights Act is coming. Soon. For real.
To help employers get ready, I recently joined the “Your Bytes = Your Rights” podcast to discuss the changes coming in January 2023 to employee privacy laws,...more
Please take note!
1.SchremsII and cross border transfers: Risk based, wherefore art thou? With the Google Analytics, Google Fonts, Amazon AWS, Google Workspace other cases, the SchremsII and DPA guidance is piling up....more
9/30/2022
/ Biometric Information Privacy Act ,
California Privacy Rights Act (CPRA) ,
Cookies ,
Cross Border Privacy Rules (CBPR) ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
EU ,
International Data Transfers ,
Privacy Laws ,
Schrems I & Schrems II
In public comments during the Federal Trade Commission’s (FTC) data privacy rulemaking open forum, a senior U.S. Chamber of Commerce came out against the agency making broad rules on data privacy....more
Yes, your privacy notice does need to be “that good.” If it isn’t, the California Attorney General’s Office might come knocking.
Here are some key points from the AG’s second year enforcement report:...more
Federal Trade Commission Commissioner Alvaro Bedoya wants companies that collect location information to take a hard look at their practices and what they can do to better protect their users....more
The Commerce and Energy Committee has voted to send the American Data Privacy and Protection Act (ADPPA) to the House, but not without some changes....more
Congresswoman Anna Eshoo (D-CA) voted against American Data Privacy and Protection Act (ADPPA), citing preemption of California law and a concern about reproductive privacy health in the wake of Dobbs....more