State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
What happens to sensitive personal information shared by consumers when the company collecting that information encounters financial distress? That exact issue is currently front and center in the Chapter 11 proceedings of...more
Maryland Governor Wes Moore signed the Maryland Online Data Privacy Act of 2024 (MODPA) into law on May 9, 2024. This new law establishes transparency, assessment, and consumer rights requirements for organizations that fall...more
The U.S. cybersecurity and data privacy law framework continues to evolve and expand rapidly. Here, we share a summary of the eight new state data privacy and security laws that will take effect in 2024 and 2025. Businesses...more
Global Privacy Controls, vendor management, sensitive personal information, and the use of Ad Tech; new U.S. state data protection laws introduce twists to traditional notions of American data protection law. In the U.S.,...more
The year 2023 will continue to have cybersecurity and data privacy front of mind for General Counsels. With sweeping new US and global laws and regulations coming online and the California Privacy Protection Agency (CPPA)...more
Keypoint: The chances for the United States to finally enact a federal privacy bill appear to have increased with the circulation of a bipartisan discussion draft although its chances for passage are far from clear....more
Since the passage of the CCPA in 2018, there has been a flurry of proposed state laws aimed at regulating the areas of cybersecurity and data privacy in the absence of federal comprehensive legislation. Additionally, there...more
Blood pressure readings, menstrual cycles, and pregnancy status are among the types of sensitive personal data Facebook was caught collecting from third-party app developers without users' knowledge or permission. After a...more
Any day now, Virginia will likely become the second state, behind California, to adopt a GDPR-inspired comprehensive data protection law for Virginia residents....more
One of the most notable features of the new California Consumer Privacy Rights Act (CPRA) and the proposed Virginia Consumer Data Protection Action (VCDPA)—which has now passed both houses of the Virginia legislature—is the...more
As we have previously highlighted, the California Privacy Rights Act (CPRA) creates a new category of personal information, called “sensitive personal information.” While the CPRA’s predecessor, the California Consumer...more
On Election Day, California voters approved Proposition 24, which enacts the California Privacy Rights Act of 2020 (CPRA). The CPRA amends and expands California’s landmark consumer privacy legislation, the California...more
The California Privacy Rights Act (CPRA) expands the definition of personal information as it currently exists in the California Consumer Privacy Act (CCPA). The CPRA adds “sensitive personal information” as a defined term,...more
On November 3, 2020, California voters convincingly approved the California Privacy Rights Act (“CPRA”) ballot initiative. The CPRA builds upon and amends the California Consumer Protection Act (“CCPA”), aligning it more with...more
In less than a month, Californians will vote on a consumer privacy ballot initiative, the California Privacy Rights Act (“CPRA”). The California Consumer Privacy Act (“CCPA”) went into effect on January 2, 2020, and state...more
The COVID-19 pandemic has had a disparate effect on privacy regulators, with varying levels of enforcement advocated by different government entities; the California Attorney General, the U.S. Department of Health & Human...more