On September 14, 2023, California Attorney General Rob Bonta announced a $93 million settlement with Google, LLC resolving alleged violations of California’s false advertising law and unfair competition law.
Continue Reading California AG Announces $93 Million Settlement of Allegations against Google Regarding Location Privacy Practices

On August 8, 2023, the Massachusetts Gaming Commission approved 205 CMR 257: Sports Wagering Data Privacy, a set of regulations designed to create new rights and obligations with respect to sports betting operators’ use of patrons’ Confidential Information or Personally Identifiable Information. The regulations took effect on September 1, 2023.
Continue Reading Massachusetts Sports Wagering and Data Privacy Regulations Take Effect

On September 18, 2023, Judge Beth Labson Freeman of the U.S. District Court for the Northern District of California granted NetChoice’s request for preliminary injunction in NetChoice v. Bonta, finding that NetChoice is likely to succeed on its claim that the California Age-Appropriate Design Code violates the First Amendment.
Continue Reading Federal Judge Blocks the California Age-Appropriate Design Code

On July 10, 2023, California Governor Newsom signed into law A.B. 127, which places the working group for the California Age-Appropriate Design Code Act (the “Act”) under the California Office of the Attorney General. The Act creates a working group, formally named the California Children’s Data Protection Working Group, to produce a report on recommendations for best practices concerning children’s access to online services. Under A.B. 127, the deadline for the first report from the working group will be pushed back from January 1, 2024, to July 1, 2024, and the working group will be required to consist of only nine members, instead of the original 10-member requirement.

Continue Reading First Report from the California Children’s Data Protection Working Group Delayed

On July 14, 2023, the Norwegian Data Protection Authority ordered Meta Platforms Ireland Limited and Facebook Norway AS to temporarily cease the processing of personal data of data subjects in Norway for the purpose of targeting ads on the basis of “observed behavior” when relying on the contractual necessity legal basis or the legitimate interests legal basis of the GDPR.
Continue Reading Norwegian DPA Adopts Measures Regarding Meta’s Behavioral Advertising Activities

On June 2 and June 5, 2023, the Connecticut and Nevada state legislatures, respectively, voted in favor of sending legislation to their governors for signature that would impose restrictions, among others, on the processing of consumer health data, including geofencing provisions. Nevada S.B. 370 was signed by Nevada Governor Joe Lombardo on June 16, 2023.
Continue Reading Connecticut and Nevada Legislatures Pass Health Data Laws

On May 24, 2023 Google LLC announced its recently updated privacy terms providing that, for many of Google’s advertising services, it will no longer act as a service provider for the purposes of the California Privacy Rights Act of 2020.
Continue Reading Google Updates Privacy Terms to Shift Away From Offering Some Services as a “Service Provider” Under the CCPA