On August 8, 2023, the Massachusetts Gaming Commission approved 205 CMR 257: Sports Wagering Data Privacy, a set of regulations designed to create new rights and obligations with respect to sports betting operators’ use of patrons’ Confidential Information or Personally Identifiable Information. The regulations took effect on September 1, 2023.
Continue Reading Massachusetts Sports Wagering and Data Privacy Regulations Take Effect
Compliance
California Legislature Passes Bill Regulating Data Brokers
On September 14, 2023, the California legislature passed S.B. 362, a bill that would impose new requirements on data brokers and grant residents new rights designed to facilitate control over their personal data. …
Continue Reading California Legislature Passes Bill Regulating Data Brokers
Federal Judge Blocks the California Age-Appropriate Design Code
On September 18, 2023, Judge Beth Labson Freeman of the U.S. District Court for the Northern District of California granted NetChoice’s request for preliminary injunction in NetChoice v. Bonta, finding that NetChoice is likely to succeed on its claim that the California Age-Appropriate Design Code violates the First Amendment. …
Continue Reading Federal Judge Blocks the California Age-Appropriate Design Code
NetChoice Seeks to Block the California Age-Appropriate Design Code
On August 31, 2023, NetChoice, a national trade association of large online businesses, filed supplemental briefing in its challenge to the California Age-Appropriate Design Code. …
Continue Reading NetChoice Seeks to Block the California Age-Appropriate Design Code
European Commission Designates Gatekeepers Under the Digital Markets Act
On September 6, 2023, the European Commission designated six companies as gatekeepers under Article 3 of the Digital Markets Act. …
Continue Reading European Commission Designates Gatekeepers Under the Digital Markets Act
India Poised to Enact Digital Personal Data Protection Bill
On August 9, 2023, India’s upper house (i.e., Rajya Sabha) passed the Digital Personal Data Protection Bill, two days after India’s lower house (i.e., Lok Sabha) passed the legislation. The DPDPB now heads to India President Droupadi Murmu for signature.
Continue Reading India Poised to Enact Digital Personal Data Protection Bill
UK ICO Encourages Use of Privacy Enhancing Technologies
On June 19, 2023, the UK Information Commissioner’s Office (“ICO”) recommended that organizations start using privacy enhancing technologies (“PETs”) to share personal information safely, securely and anonymously. The ICO also has issued new guidance on PETs which is aimed at those using large data sets in finance, healthcare, money laundering and cybercrime. The guidance contains information on how PETs can be used to help organizations with data protection compliance and technical detail on the different types of PETs currently available.…
Continue Reading UK ICO Encourages Use of Privacy Enhancing Technologies
NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation
On June 28, 2023, the New York Department of Financial Services published an updated proposed Second Amendment to its Cybersecurity Regulation, 23 NYCRR Part 500.
Continue Reading NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation
FDIC, FRB and OCC Issue Interagency Guidance on Third-Party Relationships
On June 6, 2023, the Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System and the Office of the Comptroller of the Currency issued their final Interagency Guidance on Third-Party Relationships. …
Continue Reading FDIC, FRB and OCC Issue Interagency Guidance on Third-Party Relationships
EDPB Adopts Guidelines on Facial Recognition in the Area of Law Enforcement
On May 17, 2023, the European Data Protection Board adopted the final version of its Guidelines on facial recognition technologies in the area of law enforcement. …
Continue Reading EDPB Adopts Guidelines on Facial Recognition in the Area of Law Enforcement