The old saying goes, “Don’t mess with Texas.” The same can be said of the Texas Privacy Act. The Texas Department of Information Resources recently issued an implementation status for the act....more
Earlier this month, after the conclusion of the public comment period, the Colorado Department of Law adopted amendments to the Colorado Privacy Act (CPA), which grants rights to Colorado consumers concerning their personal...more
Under many circumstances, state privacy laws require businesses to pass a consumer’s valid deletion request to any entity that processes the data on behalf of the business or otherwise is a recipient of the data. These...more
On October 30, the California Privacy Protection Agency (CPPA) announced an investigative sweep to ensure data brokers comply with the Delete Act. Effective January 1, the Delete Act requires parties to register by January 31...more
A group of 21 Republican AGs filed an amicus brief with the U.S. Court of Appeals for the D.C. Circuit in TikTok Inc. v. Merrick Garland, No.24-1113, in support of the U.S. DOJ and urging the court to deny the petition for...more
Public officials should proceed with caution when using social media. The United States Supreme Court, in a recent unanimous decision, articulated a two-part test to determine when a public official’s social media account...more
The U.S. is taking another swing at a federal data privacy law with the American Privacy Rights Act, or APRA. While there’s no guarantee that the APRA will become the law of the land, it’s still worthwhile to study in order...more
On April 2, the California Privacy Protection Agency (CPPA or “the Agency”) issued the Agency’s first-ever enforcement advisory. The advisory (“Applying Data Minimization to Consumer Requests”) reaffirms data minimization as...more
Over the weekend, lawmakers unveiled the latest push for a federal privacy law – the American Privacy Rights Act (APRA). The bill was circulated as a discussion draft by Sen. Maria Cantwell (D-WA), Chair of the Senate...more
Last week, a bipartisan coalition in Congress introduced the American Privacy Rights Act (“APRA”), a draft federal privacy bill. The APRA represents the latest effort to create a federal consumer data privacy law after its...more
In its recent opinion in Lindke v. Freed, the U.S. Supreme Court addressed when public officials may be held liable for violating the First Amendment for silencing critics on social media. The Court held that a public...more
On Friday, March 15, a unanimous Supreme Court decided two companion cases (Lindke v. Freed and O’Connor-Ratcliff v. Garnier) that resolved a split in the Circuits concerning whether public officials can be held liable under...more
The U.S. Supreme Court has established guidelines for determining when a public official’s use of a private social media platform such as Facebook, X or Nextdoor constitutes public speech that cannot be censored. State and...more
On March 15, 2024, the Supreme Court issued a unanimous opinion in Lindke v. Freed and a per curiam opinion in O’Connor-Ratcliff v. Garnier addressing when a public official may prevent a person from commenting on the public...more
In just a few short weeks, a new front may emerge for biometrics litigation in the United States. On March 31, 2024, the My Health My Data Act (“MHMDA”) will go into effect in Washington for most entities that conduct...more
The latest version of the New York (“NY”) State Privacy Law (“S365B”) is continuing to make its way through the NY State Assembly. As readers of this blog know, members of the NY State Senate have been trying to get a version...more
On April 27, 2023, the Washington State governor signed into law the My Health My Data Act or the MHMDA. In spite of the onerous and at times confusing requirements of the MHMDA, the Washington Attorney General (AG) has only...more
On January 16, Gov. Phil Murphy (D) of New Jersey signed Senate Bill No. 332 into law. The New Jersey privacy law generally follows the same framework found in many of the comprehensive privacy laws enacted by other states...more
The New Jersey Legislature this week passed Senate Bill 332 (SB 332), a comprehensive consumer data privacy bill. Since its conception, the bill has undergone significant revisions that expanded a once narrow bill into a more...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice....more
Keypoint: The Agency proposed more revisions to the CCPA regulations for consideration at the December 8 board meeting. On December 1, 2023, the California Privacy Protection Agency (Agency) published proposed revisions to...more
In October, California enacted its newest privacy legislation, commonly referred to as the “Delete Act” (California Senate Bill No. 362). The Delete Act will allow consumers to request that any data broker that maintains any...more
In a key move to further expand consumer data rights, California Gov. Gavin Newson signed The Delete Act (S.B. 362) (the Act) into law on October 10, 2023. The Act amends California’s data broker registration law (Cal. Civ....more
California Governor Newsom recently signed SB 362, known as the Delete Act, which creates a one-time mechanism for consumers to request that data brokers delete all personal data associated with the consumer. ...more
California Gov. Gavin Newsom (D) has signed AB 947 and AB 1194 into law. Under the California Consumer Privacy Act, the definition of “sensitive personal information” includes, among other things, a consumer’s racial or...more