News & Analysis as of

Personal Data

Goodwin

New York’s Child Data Protection Act Is Now In Effect: What You Need to Do

Goodwin on

On June 20, 2025, the New York Child Data Protection Act (CDPA) took effect, ushering in some of the most comprehensive child and teen privacy protections in the United States. The law applies to operators of websites, apps,...more

Hogan Lovells

Vermont Enacts Age-Appropriate Design Code Act

Hogan Lovells on

On June 12, 2025, Vermont Governor Phil Scott signed the Vermont Age-Appropriate Design Code Act (AADC), which will impose a range of obligations on businesses that offer online products, services, or features likely to be...more

Alston & Bird

Are You Ready for the Department of Justice’s Bulk Data Transfer Rule?

Alston & Bird on

On July 8, 2025, the Department of Justice (“DOJ”) is set to lift its self-imposed pause on enforcing certain violations of its Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of...more

Jackson Lewis P.C.

Texas Enacts Liability Shield From Punitive Damages for Certain Small Businesses That Adopt Cybersecurity Programs

Jackson Lewis P.C. on

On June 20, 2025, Texas Governor Greg Abbott signed SB 2610 into law, joining a growing number of states that aim to incentivize sound cybersecurity practices through legislative safe harbors. Modeled on laws in states like...more

A&O Shearman

Data (Use and Access) Act gets Royal Assent

A&O Shearman on

On June 19 2025, the Data (Use and Access) Act (DUA Act) received Royal Assent, having passed both Houses of Parliament on June 11 2025. The Data (Use and Access) Bill was first introduced in the House of Lords on October 23...more

Cooley LLP

The Data (Use and Access) Bill: What Businesses Need to Know

Cooley LLP on

The UK’s Data (Use and Access) Bill (DUA Bill) completed its passage through Parliament on 11 June 2025 and is now awaiting Royal Assent. Once enacted, it will introduce a series of targeted updates to the UK’s data...more

Wilson Sonsini Goodrich & Rosati

EU Reaches a Deal on Rules for Swifter Cross-Border GDPR Enforcement

On June 16, 2025, the Council of the EU (Council) and the European Parliament (EP) reached an agreement on a new regulation (the Draft Regulation) to enhance enforcement of the General Data Protection Regulation (GDPR). The...more

Fox Rothschild LLP

The Vermont Age-Appropriate Design Code Act: What You Need to Know

Fox Rothschild LLP on

Vermont recently adopted the Vermont Age-Appropriate Design Code Act, which goes into effect on January 1, 2027. The law is enforceable by the Vermont Attorney General as an unfair or deceptive act or practice. The Attorney...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Supreme Court Rules DOGE Can Access Social Security Data and Avoid FOIA - for Now

On June 6, 2025, the Supreme Court of the United States released two decisions on its emergency docket with serious implications for federal agencies, companies that do business with the government, and the data of millions...more

Guidepost Solutions LLC

[Webinar] Data Under Watch: Navigating DOJ’s New Rules on Sensitive U.S. Data Transfers - June 26th, 1:00 pm ET

Starting July 9, 2025, the U.S. Department of Justice will begin enforcing its new “Bulk Sensitive Data Rule,” a sweeping regulation aimed at restricting the transfer and storage of sensitive U.S. personal and...more

Jackson Lewis P.C.

Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended

Jackson Lewis P.C. on

Montana recently amended its privacy law through Senate Bill 297, effective October 1, 2025, strengthening consumer protections and requiring businesses to revisit their privacy policies that apply to citizens of Montana....more

Klein Moynihan Turco LLP

AI Privacy

With the use of artificial intelligence (“AI”) becoming more pervasive every day, it should not surprise our readers that regulators are increasingly focused on the use of AI and its associated consumer data privacy...more

Skadden, Arps, Slate, Meagher & Flom LLP

Deadline Fast Approaching for Data Security Program Compliance

The Department of Justice (DOJ) implemented a new regulatory regime (Data Security Program) addressing access to, and transfer of, sensitive personal data to countries and persons of concern, including Russia, China and...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

New York’s Child Data Protection Act: Key Takeaways From the Attorney General’s Implementation Guidance

In anticipation of the June 20, 2025, effective date of the New York Child Data Protection Act (NYCDPA), the Office of the New York State Attorney General (OAG) recently released implementation guidance that provides critical...more

Wiley Rein LLP

New Jersey Proposes New Privacy Rules That Would Impact Compliance

Wiley Rein LLP on

On June 2, the New Jersey Division of Consumer Affairs (Division) published proposed regulations to implement the New Jersey Data Privacy Act (NJDPA). Of note, these rules were proposed months after the NJDPA went into effect...more

Cozen O'Connor

Bipartisan AGs Sue to Stop 23andMe’s Sale of Consumers’ Genetic Data

Cozen O'Connor on

A bipartisan coalition of 28 AGs have filed a lawsuit against 23andMe Holding Co. and 23andMe, Inc. (collectively “23andMe”) to protect human genetic data collected by the company from being sold without consumers’ consent as...more

HaystackID

AT&T Customer Data Resurfaces on Dark Web in Enhanced, Decrypted Format

HaystackID on

According to an AT&T spokesperson, this is not accurate. Social Security Numbers and Dates of Birth were already available in plain text in the original compromised dataset from 2024 (in separate files that could be...more

Alston & Bird

NY Passes Law Governing Personalized Algorithmic Pricing; AI Companions

Alston & Bird on

On May 9, 2025, New York Governor Kathy Hochul signed Assembly Bill A3008 into law. The omnibus legislation mandates transparency in personalized algorithmic pricing while prohibiting related discrimination. The new law also...more

Arnall Golden Gregory LLP

State-by-State Privacy Legislation Update: A Compliance Roadmap for 2025

States have been active in passing and enacting comprehensive consumer privacy laws in the absence of a federal statute. To date, 19 states have passed such laws, starting with the California Consumer Privacy Act (“CCPA”),...more

Fox Rothschild LLP

Using Facial Recognition? Regulators Expect Detailed Risk Assessments

Fox Rothschild LLP on

Following the Federal Trade Commission’s decision in December 2023 to ban Rite Aid from using AI facial recognition, it has become crystal clear that U.S. regulators expect a risk assessment when a retailer uses facial...more

Mayer Brown

US SEC Gives Green Light to Swiss-Based Investment Adviser Registration Applications

Mayer Brown on

On June 10, 2025, the US Securities and Exchange Commission (SEC) announced that it will immediately resume processing new and pending registration applications of investment advisers with their principal office and place of...more

DLA Piper

EU: Brussels Court of Appeal Rules on IAB Europe and the TC String – Implications for GDPR Compliance

DLA Piper on

On 14 May 2025, the Brussels Court of Appeal (Market Court) delivered the long-awaited judgement in the case concerning the Transparency & Consent Framework (“TCF”) (case no. 2022/AR/292). The Court largely upheld the...more

Benesch

Updates on CIPA Reform: CA SB 690 Progresses to the Assembly Without Retroactivity Provision.

Benesch on

A national leader in privacy law, California was among the first states to include an express right to privacy in its constitution, create a data breach notification law, and codify robust consumer data protections. ...more

Clark Hill PLC

New York enacts Algorithmic Pricing Disclosure requirements: Effective date of new AI disclosure quickly approaching

Clark Hill PLC on

States everywhere are considering whether and how to best regulate business use of artificial intelligence (“AI”). While the California Privacy Protection Agency (“CPPA”) recently struck all references to AI from its proposed...more

Foley Hoag LLP - Security, Privacy and the...

DOJ’s “Bulk Sensitive Data Rule” is in Effect, and May Require Significant Compliance Obligations as Enforcement is Set to Begin

Pursuant to a newly effective U.S. Department of Justice (DOJ) regulation, the transfer and storage of certain sensitive U.S. government and personal data may be prohibited or restricted, depending on the intended recipient,...more

5,689 Results
 / 
View per page
Page: of 228

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide