Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
On January 16, 2025, the Federal Trade Commission (FTC) finalized amendments to the Children’s Online Privacy Protection Act (COPPA) Rule (Final Rule), which completes the process that started back in 2019 when the FTC sought...more
The Personal Information Protection Act ("PIPA") comes into full force on 1 January 2025. All organisations in Bermuda are expected to be in compliance with it by that date – time is running out! The Privacy Commissioner...more
The so-called “HR exemption” taking employee and applicant personal information out of the control of the California Consumer Privacy Act (CCPA) is about to come to an end. Employers who are “businesses” for purposes of the...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
Keypoint: The comments focus on identifying areas in which the Attorney General’s Office may provide additional clarity to consumers and businesses and to ensure, where appropriate, the interoperability of the Colorado...more
The California Privacy Protection Agency (CPPA) quietly issued the first draft of the California Consumer Privacy Act (CPRA) regulations and an Initial Statement of Reasons by attaching them to the June 8 board meeting...more
In an opinion released on March 10, 2022, California Attorney General Rob Bonta addressed the applicability of the “right to know” under the California Consumer Privacy Act (CCPA) (pdf) to internal inferences that...more
Starting in January of 2023, businesses subject to California Privacy Rights Act (CPRA), may be required to publish the retention periods for all categories of personal and sensitive information they collect, manage, store,...more
Since its enactment just over a year ago, some companies have struggled to interpret the California Consumer Privacy Act (CCPA) and the circumstances that might subject them to penalties and fines for violations. In an effort...more
COVID-19 drove many formerly in-person interactions onto a variety of video conferencing platforms. But as millions of vaccinations are administered each day, and case numbers decline, it’s now possible to imagine and plan...more
The General Accounting Office believes that the Gramm-Leach-Bliley Act (GLBA) model form privacy notice gives a limited view of what information is collected and with whom it is shared and that a reassessment of the form is...more
Following the outbreak of COVID-19 and its development into a global pandemic, organisations have been implementing exceptional measures to safeguard employees, customers and others against the health threat that is being...more
With the enactment of the European General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act ("CCPA”), the restaurant and food service industry has been forced to cope with a shifting privacy...more
As the CCPA’s effective date approaches, businesses are actively monitoring how companies will update their websites and privacy notices to comply with the new disclosure requirements of the Act. While many companies are...more
Last year towards the end of May, a barrage of emails and pop-ups informed online users about how companies use cookies – small bits of software that track website activity – in accordance with a requirement under the...more