The Bottom Line As new state privacy laws go into effect in 2023, companies need to ensure compliance with an ever growing list of obligations.Expect regulators to keep cracking down on dark patterns and privacy violations, including noncompliance with these new privacy laws. Privacy laws Continue Reading
California Issues Second Draft of CPRA Regulations
The Bottom Line California has released a second version of draft regulations for the CPRA, a mere 10 weeks before the law is to take effect.This latest draft has changes that are both beneficial to businesses and increase the complexities of compliance.Given the fact that the regulations have Continue Reading
Colorado Privacy Act Draft Rules Issued
Update The Colorado Attorney General's Office released revised rules on December 21, 2022. Please refer to our alert covering the significant changes to the proposed rules. The Bottom Line The Colorado Attorney General’s Office has publicly committed to try to harmonize its consumer Continue Reading
California Governor Signs Age-Appropriate Design Code into Law
The Bottom Line For the first time, a state has enacted a bipartisan law that imposes monetary fines on companies that violate children’s privacy or jeopardize the online safety of minors under age 18. The Act requires businesses to reevaluate their privacy practices related to children and Continue Reading
First CCPA Enforcement Action’s $1.2 Million Fine to Sephora is a Wakeup Call for the Ad Tech Industry
The Bottom Line The first substantial CCPA enforcement action should be a wakeup call for the advertising industry. California is aggressively policing the industry and looking closely at the third-party tracking mechanisms used on sites. With the CPRA just around the corner, more Continue Reading
Draft CPRA Regulations Issued by the California Privacy Protection Agency
The Bottom Line The proposed Regulations include many changes and clarifications to aspects of the CPRA, including, but not limited to: the selling or sharing of consumer personal information to third parties; consumer notice and privacy policy requirements; recognition of opt-out preference Continue Reading
Utah Consumer Privacy Act Joins the Growing List of Comprehensive State Privacy Laws
The Bottom Line In the absence of a new comprehensive consumer privacy law on the federal level, states continue to propose their own laws.Utah has become the fourth state in the United States to enact such a law.There are similarities, but some differences, with the new laws in California, Continue Reading
California Privacy Protection Agency Delays Release of CPRA Regulations
The Bottom Line While businesses are eager to implement new compliance steps to meet the requirements of the CPRA and other new privacy laws, full compliance is not possible until regulators provide final rules stipulating how businesses can achieve such compliance. Therefore, businesses will Continue Reading
UK Issues New Model Clauses for International Data Transfers
The Bottom Line As a result of Brexit, the UK has introduced its own new documents to govern certain cross-border transfers of personal data.Businesses need to be aware of the similarities and differences between the EU and UK approaches. After Brexit took effect last year, the United Continue Reading
EU Regulators Rule Ad Tech Industry’s TCF Framework Violates GDPR
The Bottom Line The EU’s decision has struck at the heart of the ad tech industry’s system designed to ensure compliance with the GDPR when personal data is collected for retargeting. The program behind the scenes when an EU data subject sees a cookie banner may require significant Continue Reading