A Look at Recent Federal Trade Commission and Consumer Financial Protection Bureau Initiatives Concerning Privacy and Data Security
2BInformed: Engaging with EPA, OSHA’s New Regulation, and Asbestos
The rule imposes substantial new diligence, reporting, cybersecurity, and auditing obligations on companies. On December 27, 2024, the U.S. Department of Justice (“DOJ”) issued a final rule implementing Executive Order...more
On June 21, 2024, the US Department of the Treasury (Treasury) released proposed new federal regulations (Proposed Rules) that, if implemented, would prohibit or require notification of a broad range of outbound investment...more
Key Points - On Sunday, April 7, Senate Commerce Committee Chair Maria Cantwell (D-WA) and House Energy and Commerce (E&C) Committee Chair Cathy McMorris Rodgers (R-WA) struck a deal on a comprehensive federal bill, the...more
On February 28, 2024, President Biden signed Executive Order (EO) 14117 titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” On March 5,...more
President Biden issued an Executive Order last month calling on the DOJ and relevant government agencies to tighten regulations on bulk data transfers to “countries of concern.” In late February, President Biden issued...more
The only thing truly certain about the proposed U.S. outbound investment regulatory regime is that a lot of uncertainty remains. But industry responses garnered during the comment period may, at least partly, foretell the...more
CYBERSECURITY - CISA, FBI + MS-ISAC Issue Warning on Phobos Ransomware - To help organizations protect against ransomware, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a...more
CYBERSECURITY CISA- FBI + MS-ISAC Issue Warning on Phobos Ransomware- To help organizations protect against ransomware, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a...more
On February 28, 2024, President Joe Biden issued Executive Order (“EO”) 14117, empowering the Department of Justice (DOJ) to regulate the export of certain consumer data, in order to prevent certain countries’ governments...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more
Welcome to Holland & Knight's monthly data privacy and security news update that includes the latest in policy, regulatory updates and other significant developments. ...more
On December 29, 2022, President Biden signed a new statute that will significantly impact medical device cybersecurity regulation. Section 3305 of the Consolidated Appropriations Act of 2023 (“Section 3305”) authorizes the...more
On January 18, 2023, the National Telecommunications and Information Administration (NTIA) released a Privacy, Equity, and Civil Rights Request for Comment (RFC), which is “intended to examine the persistence of...more
On November 1, 2022, the Federal Trade Commission (FTC) hosted PrivacyCon 2022, its seventh annual conference in which the Commission looks to academics and researchers to inform its efforts to address emerging consumer...more
Roughly two weeks apart, on July 21, 2022 and August 5, 2022, respectively, Amazon made headlines for agreeing to acquire One Medical, “a human-centered and technology-powered primary care organization,” for approximately...more
In August, the FTC launched a groundbreaking privacy and security rulemaking under the FTC Act with an extensive Advanced Notice of Proposed Rulemaking (ANPR) that asks a wide range of questions. The ANPR has generated...more
SEC Chair Gensler Indicates Commission is Looking to Update SEC’s Regulation S-P - On September 28, 2022, Securities and Exchange Commission (“SEC” or the “Commission”) Chairman Gary Gensler appeared via video at the...more
Our discussion examines the FTC’s Advanced Notice of Proposed Rulemaking relating to what it describes as “commercial surveillance” and the CFPB’s circular confirming that covered persons and service providers may violate the...more
95 Problems but Privacy Won’t Be One? The ANPRM lists ninety-five (95) data privacy and security-related issues about which the FTC seeks public comment—everything from the way that companies process consumer data to how...more
Pelosi Statement Dims the Lights on ADPPA - The prospects for the nation’s first comprehensive data privacy law, the American Data Privacy and Protection Act (the “ADPPA” or the “Bill”), dimmed after House Speaker Nancy...more
In public comments during the Federal Trade Commission’s (FTC) data privacy rulemaking open forum, a senior U.S. Chamber of Commerce came out against the agency making broad rules on data privacy....more
The FTC recently published an advance notice of proposed rulemaking to discuss harms associated with the collection, processing, and selling of personal data...more
In this month’s Privacy & Cybersecurity Update, we review the FTC’s proposed data privacy and cybersecurity rulemaking and the European Data Protection Board’s draft guidelines on the calculation of GDPR administrative fines....more
On August 22, 2022, the Federal Trade Commission (FTC) published its advance notice of proposed rulemaking (ANPR) to request public comment on commercial surveillance and data security practices. The ANPR comes at the same...more
In the spring of 2018 and in the wake of the Facebook-Cambridge Analytica data scandal, tech CEOs Tim Cook of Apple and Mark Zuckerberg of Meta (fka “Facebook”) initiated a contentious and public debate over the ethics of...more