On March 16, 2023, the Federal Trade Commission announced it issued orders to eight social media and video streaming platforms seeking Special Reports on how the platforms review and monitor commercial advertising to detect, prevent and reduce deceptive advertisements, including those related to fraudulent healthcare products, financial scams and the sale of fake goods.
Continue Reading FTC Announces Orders to Address Deceptive Advertising on Social Media and Video Streaming Platforms
Information Security
DOJ Publishes New Corporate Compliance Guidance Related to Communications Platforms and Messaging Applications
On March 3, 2023, the U.S. Department of Justice released an update to its Evaluation of Corporate Compliance Programs guidance. …
Continue Reading DOJ Publishes New Corporate Compliance Guidance Related to Communications Platforms and Messaging Applications
Iowa House and Senate Unanimously Vote to Approve Comprehensive Privacy Legislation
On March 6 and 15, 2023, both chambers of the Iowa Legislature unanimously voted to approve Senate File 262, which could make Iowa the sixth U.S. state to enact comprehensive privacy legislation.
Continue Reading Iowa House and Senate Unanimously Vote to Approve Comprehensive Privacy Legislation
UK ICO Issues Updated Guidance on AI and Data Protection
On March 15, 2023, the UK Information Commissioner’s Office published an updated version of its guidance on AI and data protection, following requests from UK industry to clarify requirements for fairness in AI. …
Continue Reading UK ICO Issues Updated Guidance on AI and Data Protection
International Data Transfers: Time to Rethink Binding Corporate Rules
This is an excerpt from CIPL President Bojana Bellamy’s recently published piece in the IAPP “Privacy Perspectives” blog. This piece discusses binding corporate rules as important transfer mechanism.
Continue Reading International Data Transfers: Time to Rethink Binding Corporate Rules
SEC Brings Cyber Disclosure Enforcement Action
On March 9, 2023, the U.S. Securities and Exchange Commission announced settled administrative charges against Blackbaud Inc.
Continue Reading SEC Brings Cyber Disclosure Enforcement Action
TSA Announces New Cybersecurity Requirements for Airport and Aircraft Operators
On March 7, 2023, the Transportation Security Administration announced the issuance on an emergency basis of a cybersecurity amendment to the security programs of certain TSA-regulated airport and aircraft operators, as part of the U.S. Department of Homeland Security’s initiatives to improve the cybersecurity of U.S. critical infrastructure. …
Continue Reading TSA Announces New Cybersecurity Requirements for Airport and Aircraft Operators
UK Introduces Data Protection and Digital Information (No. 2) Bill
On March 8, 2023, the UK Secretary of State for Science, Innovation and Technology, Michelle Donelan, introduced the Data Protection and Digital Information (No. 2) Bill to UK Parliament.
Continue Reading UK Introduces Data Protection and Digital Information (No. 2) Bill
Bill to Amend the Gramm-Leach-Bliley Act Introduced to Congress
On February 24, 2023, Representative Patrick T. McHenry of North Carolina introduced a bill proposing the creation of the Data Privacy Act of 2023. …
Continue Reading Bill to Amend the Gramm-Leach-Bliley Act Introduced to Congress
Illinois Supreme Court Rules that a Claim Under BIPA Accrues with Every Scan or Transmission of Biometric Identifiers or Biometric Information Without Prior Informed Consent
On February 17, 2023, the Illinois Supreme Court issued an opinion in Cothron v. White Castle Systems, Inc., in response to a certified question from the Seventh Circuit, ruling that the plain language of Section 15(b) and 15(d) of the Illinois Biometric Privacy Act shows that a claim accrues under BIPA with every scan or transmission of biometric identifiers or biometric information without prior informed consent. …
Continue Reading Illinois Supreme Court Rules that a Claim Under BIPA Accrues with Every Scan or Transmission of Biometric Identifiers or Biometric Information Without Prior Informed Consent