The Bottom Line The proposed Regulations include many changes and clarifications to aspects of the CPRA, including, but not limited to: the selling or sharing of consumer personal information to third parties; consumer notice and privacy policy requirements; recognition of opt-out preference Continue Reading
Utah Consumer Privacy Act Joins the Growing List of Comprehensive State Privacy Laws
The Bottom Line In the absence of a new comprehensive consumer privacy law on the federal level, states continue to propose their own laws.Utah has become the fourth state in the United States to enact such a law.There are similarities, but some differences, with the new laws in California, Continue Reading
California Privacy Protection Agency Delays Release of CPRA Regulations
The Bottom Line While businesses are eager to implement new compliance steps to meet the requirements of the CPRA and other new privacy laws, full compliance is not possible until regulators provide final rules stipulating how businesses can achieve such compliance. Therefore, businesses will Continue Reading
UK Issues New Model Clauses for International Data Transfers
The Bottom Line As a result of Brexit, the UK has introduced its own new documents to govern certain cross-border transfers of personal data.Businesses need to be aware of the similarities and differences between the EU and UK approaches. After Brexit took effect last year, the United Continue Reading
EU Regulators Rule Ad Tech Industry’s TCF Framework Violates GDPR
The Bottom Line The EU’s decision has struck at the heart of the ad tech industry’s system designed to ensure compliance with the GDPR when personal data is collected for retargeting. The program behind the scenes when an EU data subject sees a cookie banner may require significant Continue Reading
CCPA Enforcement Priorities Include Loyalty and Rewards Programs
The Bottom Line Promotional practices, such as loyalty and reward programs, have unique disclosure obligations under the CCPA.With enforcement actions ramping up in California, and new privacy laws on the horizon, it is important for companies to have all of their marketing practices reviewed in Continue Reading
Cybersecurity and Privacy Risks Rise with Remote Workforce
The Bottom Line It is important for businesses to address their cybersecurity and other risks they face with a remote workforce since remote work is likely here to stay in one form or another.Employers must stay vigilant and not become complacent as time goes on, as well as maintain regular Continue Reading
Colorado Privacy Act Becomes the Third Comprehensive State Privacy Law
The Bottom Line Colorado is the third state to enact a comprehensive consumer privacy law.Although the Colorado Privacy Act shares some similarities with California’s CCPA and CPRA, and Virginia’s CDPA, there are some material differences, and companies will need to strategize how to harmonize Continue Reading
European Commission Adopts Revisions to Standard Contractual Clauses
The Bottom Line The revised SCCs published by the European Commission will provide businesses with more flexibility to enter data sharing arrangements with controllers and processors outside of the European Economic Area.Businesses should revisit their contractual arrangements and identify any Continue Reading
Apple Makes Big Changes to Its Tracking System
The Bottom Line Apple’s changes to IDFA and Google’s announcement blocking third-party cookies in Chrome will change advertisers’ ability to track and retarget users as they have in the past.All participants in the online advertising ecosystem, including publishers, ad tech companies and Continue Reading