On November 23, 2022, the UK government’s Department for Digital, Culture, Media & Sport announced that it had completed its assessment of South Korea’s personal data legislation, and concluded that sufficiently strong privacy laws are in place to protect UK personal data transferred to South Korea while upholding the rights and protections of UK citizens.
Continue Reading UK Finalizes South Korea Adequacy Decision

On November 15, 2022, the Federal Trade Commission announced a six-month extension for companies to comply with certain updated requirements of the Gramm-Leach-Bliley Act’s Safeguards Rule, a set of data security provisions covered financial institutions must implement to protect their customers’ personal information.
Continue Reading FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule

On November 14, 2022, Google LLC agreed to a $391.5 million settlement with the attorneys general of 40 U.S. states over the company’s location tracking controls available in its user account settings.
Continue Reading Google Agrees to $391.5 Million Settlement with 40 States over Misleading Location Tracking Practices

On October 31, 2022, the Consumer Financial Protection Bureau announced that it will re-open the public comment period on their October 2021 Orders for six large technology companies operating payments platforms to provide information about their business practices.
Continue Reading CFPB Re-Opens Public Comment on Prior Orders Seeking Information on Big Tech Payment Platforms

On November 3, 2022, the Federal Trade Commission announced a proposed order to settle an action against an internet phone service provider, Vonage, that would require Vonage to pay $100 million in refunds to customers harmed by its practices, which the FTC alleged included “dark patterns” that made it difficult for customers to cancel their service.
Continue Reading $100M FTC Enforcement Action Against Internet Phone Service Provider for Dark Patterns

On October 28-29, 2022, the California Privacy Protection Agency held a Board Meeting to discuss the modified proposed regulations promulgated for compliance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, as well as the remainder of the rulemaking process.
Continue Reading California Privacy Protection Agency Holds Board Meeting on CCPA/CPRA Modified Proposed Regulations

On October 31, 2022, the Federal Trade Commission announced a proposed settlement with education technology provider Chegg in connection with the company’s alleged poor cybersecurity practices.
Continue Reading FTC Takes Action Against Chegg for Alleged Security Failures that Exposed Data of Employees and 40 Million Consumers