State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
Rhode Island is the latest state to enact consumer privacy legislation. The Rhode Island Transparency and Privacy Protection Act (the "Act"), which passed into law on June 28, 2024, establishes a framework for controlling and...more
Recent U.S. developments indicate a growing focus on regulating and investigating the data privacy practices of companies in the automotive sector. The Federal Trade Commission (FTC) recently highlighted in a blog post its...more
On April 4, 2024, Kentucky became the fifteenth state to enact a comprehensive data privacy law, with Governor Andy Beshear signing the Kentucky Consumer Data Protection Act (KCDPA) into law. The Kentucky law will go into...more
The UK’s data privacy regulator, the Information Commissioner’s Office (ICO), is investigating Microsoft over potential privacy concerns with its recently announced AI-powered “Recall” feature for Windows PCs. Microsoft...more
The final weeks for many state legislatures have witnessed significant movements in the U.S. data privacy landscape. Last month, Nebraska Governor Jim Pillen signed the Data Privacy Act, LB1074, into law....more
The United States is among the minority of large economies in the world without a comprehensive national privacy law. In the absence of such a law, numerous states are filling the void with a complex assortment of often...more
On February 28, 2024, President Biden signed Executive Order (EO) 14117 titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” On March 5,...more
The Internet of Things (“IoT”) has ushered in a new era of connectivity and convenience, but with it comes a host of legal issues and emerging theories of liability. As IoT devices become increasingly ubiquitous in our daily...more
On February 28, 2024, President Biden issued Executive Order 14117 (the EO) on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” that would...more
On January 4, 2023, the New Hampshire House of Representatives passed Senate Bill 255 (the “Act”) with amendments, setting the stage for New Hampshire to become the latest state with a comprehensive privacy law....more
The Texas Data Privacy and Security Act (TDPSA) became law on June 16, 2023. Texas becomes the 11th state to enact a comprehensive consumer data privacy law, joining California, Virginia, Colorado, Connecticut, Utah, Iowa,...more
From long-standing laws to incoming legislation, global nonprofits must understand the requirements and prepare for scrutiny in their handling of personal data. U.S. privacy regulations are currently a complex framework of...more
We are currently witnessing an AI revolution, and an unprecedented AI arms race among Big Tech over the incorporation of AI into their search engines and chatbot capabilities. Most notably, ChatGPT has been dominating news...more
California Privacy Protection Agency Releases Revised Regulations - With the effective date less than three months away, and ahead of a Board Meeting on October 28 and 29, the California Privacy Protection Agency released...more
Keypoint: The CPA draft rules are a complex and lengthy set of regulations that, if adopted without substantial modification, will significantly expand the CPA’s requirements and require controllers to carefully consider...more
The DE OFCCP Week in Review (WIR) is a simple, fast and direct summary of relevant happenings in the OFCCP regulatory environment, authored by experts John C. Fox, Candee Chambers and Cynthia L. Hackerott. In today’s edition,...more
Keypoint: A revised version of the American Data Privacy and Protection Act was formally introduced in the House and voted out of a subcommittee. As we previously reported, on June 3, 2022, a bipartisan and bicameral group...more
Keypoint: The chances for the United States to finally enact a federal privacy bill appear to have increased with the circulation of a bipartisan discussion draft although its chances for passage are far from clear....more
Providers of sports betting services must ensure that their cybersecurity protocols and data privacy policies adequately protect their systems and users. Since the Supreme Court struck down the federal ban on sports gambling...more
Six months have now passed since China's Personal Information Protection Law (PIPL) became effective on November 1, 2021. As noted below, Chinese authorities have recently stepped up enforcement actions relative to PIPL....more
The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a...more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
The Federal Trade Commission (FTC) recently issued a policy statement confirming that vendors of apps and other connected devices that collect personal health information, such as glucose levels, heart rate, or fertility or...more
The Virginia Consumer Data Protection Act (CDPA) overwhelmingly passed both legislative chambers this month and is expected to be signed by the Governor in the coming weeks with an effective date of January 1, 2023. Best...more
Based on China’s Cybersecurity Law (effective from June 1, 2017), the latest draft of Personal Information Protection Law and draft of Data Security Law, the new draft regulations would apply not only to automobile producers...more