State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
Maryland Governor Wes Moore signed the Maryland Online Data Privacy Act of 2024 (MODPA) into law on May 9, 2024. This new law establishes transparency, assessment, and consumer rights requirements for organizations that fall...more
Editor’s Note: During this webcast, industry leaders discussed using generative AI (GAI) in the legal and cybersecurity fields. The speakers, John Brewer, Anya Korolyov, Chris Wall, and Bernie Gabin, all experts in AI and...more
On February 28, 2024, President Biden announced that he was issuing an Executive Order (the "EO") directing the promulgation of regulations to limit the dissemination of "bulk sensitive personal data" and "United States...more
The California Privacy Protection Agency (CPPA) released initial draft regulations for cybersecurity audits (which have since been amended) and risk assessments late this summer. The agency’s board of directors addressed the...more
Global Privacy Controls, vendor management, sensitive personal information, and the use of Ad Tech; new U.S. state data protection laws introduce twists to traditional notions of American data protection law. In the U.S.,...more
Online sports betting has become a booming industry in recent years, with millions of people placing bets and wagers from their phones and computers. Ever since Murphy v. NCAA, the 2018 case in which the United States Supreme...more
The year 2023 will continue to have cybersecurity and data privacy front of mind for General Counsels. With sweeping new US and global laws and regulations coming online and the California Privacy Protection Agency (CPPA)...more
In Jones v. Google, LLC, a three-judge panel of the U.S. Court of Appeals for the Ninth Circuit held that a district court judge erred in finding that state privacy claims were preempted by the federal statutory framework...more
A recent blog post by the leader of a cybersecurity platform provides a suggestion as to how gig economy companies can protect all the sensitive data they accumulate – and we can add a few more items to that checklist. Arti...more
President Biden issued Executive Order (EO) 14083 on September 15, 2022, establishing five factors for reviews by the Committee on Foreign Investment in the U.S. (CFIUS), and areas of heightened scrutiny for transactions...more
Providers of sports betting services must ensure that their cybersecurity protocols and data privacy policies adequately protect their systems and users. Since the Supreme Court struck down the federal ban on sports gambling...more
Six months have now passed since China's Personal Information Protection Law (PIPL) became effective on November 1, 2021. As noted below, Chinese authorities have recently stepped up enforcement actions relative to PIPL....more
On June 10, 2021, China’s national legislature – the Standing Committee of the National People's Congress passed the Data Security Law (the “DSL”). The DSL (see here for a non-official English translation) took effect on...more
The Regulation on Management of Automobile Data Security (Trial) (Regulation) was passed on the 101st meeting of Cyberspace Administration of China (CAC), approved by four other Chinese ministries and officially published on...more
Since the passage of the CCPA in 2018, there has been a flurry of proposed state laws aimed at regulating the areas of cybersecurity and data privacy in the absence of federal comprehensive legislation. Additionally, there...more
Blood pressure readings, menstrual cycles, and pregnancy status are among the types of sensitive personal data Facebook was caught collecting from third-party app developers without users' knowledge or permission. After a...more
One of the most notable features of the new California Consumer Privacy Rights Act (CPRA) and the proposed Virginia Consumer Data Protection Action (VCDPA)—which has now passed both houses of the Virginia legislature—is the...more
As we have previously highlighted, the California Privacy Rights Act (CPRA) creates a new category of personal information, called “sensitive personal information.” While the CPRA’s predecessor, the California Consumer...more
On Election Day, California voters approved Proposition 24, which enacts the California Privacy Rights Act of 2020 (CPRA). The CPRA amends and expands California’s landmark consumer privacy legislation, the California...more
The California Privacy Rights Act (CPRA) expands the definition of personal information as it currently exists in the California Consumer Privacy Act (CCPA). The CPRA adds “sensitive personal information” as a defined term,...more
On November 3, 2020, California voters convincingly approved the California Privacy Rights Act (“CPRA”) ballot initiative. The CPRA builds upon and amends the California Consumer Protection Act (“CCPA”), aligning it more with...more
Though it may not have been the biggest news of the election so far, California voters approved Proposition 24 on Tuesday, November 3, 2020. Proposition 24 adopts the California Privacy Rights Act of 2020 (CPRA), which...more
On October 21, 2020, the Standing Committee of the National People’s Congress (NPC) of the People’s Republic of China (PRC) released the draft PIP Law for public comment. With the big data industry rapidly growing in China...more
In less than a month, Californians will vote on a consumer privacy ballot initiative, the California Privacy Rights Act (“CPRA”). The California Consumer Privacy Act (“CCPA”) went into effect on January 2, 2020, and state...more