The Bottom Line The EU’s decision has struck at the heart of the ad tech industry’s system designed to ensure compliance with the GDPR when personal data is collected for retargeting. The program behind the scenes when an EU data subject sees a cookie banner may require significant Continue Reading
CCPA Enforcement Priorities Include Loyalty and Rewards Programs
The Bottom Line The California Attorney General continues to bring enforcement actions relating to the California Consumer Privacy Act (CCPA). While advertisers and marketers have generally focused on CCPA compliance with respect to privacy practices, it is important to highlight a marketing Continue Reading
Cybersecurity and Privacy Risks Rise with Remote Workforce
The Bottom Line With striking speed, the coronavirus pushed much of the U.S. workforce to a remote environment. Even as businesses and cities reopen, this remote work trend is likely to continue for the foreseeable future. As an unwelcome consequence, many are now exposed to a whole Continue Reading
Colorado Privacy Act Becomes the Third Comprehensive State Privacy Law
The Bottom Line After passing through the Colorado General Assembly, Governor Jared Polis signed the Colorado Privacy Act (CPA) into law on July 7, 2021. Colorado is now the third state in the country — following California and Virginia — to pass comprehensive privacy legislation. Companies Continue Reading
European Commission Adopts Revisions to Standard Contractual Clauses
The Bottom Line The European Commission (Commission) issued updated Standard Contractual Clauses (SCCs) on June 4, 2021. The long-awaited announcement follows a 2020 decision by the EU’s highest court to overturn the EU-US Privacy Shield Framework (Privacy Shield), which previously allowed for Continue Reading
Apple Makes Big Changes to Its Tracking System
The Bottom Line With the launch of iOS 14.5 slated for next week, Apple’s long-awaited changes to the use of its persistent identifier known as the “Identifier for Advertisers” (IDFA) have now gone into effect. While this change has been explained by Apple as a step to protect its users’ Continue Reading
Virginia Becomes the Second State to Pass a Comprehensive Privacy Law
The Bottom Line After passing with relative ease through Virginia’s House of Delegates and Senate, Governor Ralph Northam signed the Virginia Consumer Data Protection Act (CDPA) into law on March 2, 2021. Virginia joins California as the only states in the nation to have passed comprehensive Continue Reading
Don’t Smile at the Camera — New Biometric Data Laws
The Bottom Line The confluence of privacy, security, societal and other reasons have resulted in increased scrutiny over the use of biometric data through new proposed laws. In the absence of a consistent federal standard, businesses should assess their biometric data collection and use practices Continue Reading
EU-U.S. Data Transfers Post Schrems II
The Bottom Line In July, the EU-US Privacy Shield was invalidated by the Court of Justice of the European Union (the Court) (see our prior alert). While the Court upheld the Standard Contractual Clauses (SCC’s) as a sufficient transfer mechanism, it indicated that supplementary measures, Continue Reading
And the Winner of This Year’s Election Is… the California Privacy Rights Act
The Bottom Line While the 2020 United States presidential election took center stage, California voters approved the California Privacy Rights Act (CPRA) ballot measure. The CPRA makes significant changes to the existing California Consumer Privacy Act (CCPA), the landmark state privacy law Continue Reading