On August 29, 2023, the California Privacy Protection Agency Board issued draft regulations on Risk Assessment and Cybersecurity Audit.
Continue Reading CPPA Issues Draft CPRA Regulations on Risk Assessment and Cybersecurity Audit
Consumer Protection
FTC Announces Proposed Order Against Experian for CAN-SPAM Violations
Posted on
On August 14, 2023, the Federal Trade Commission announced a proposed order against Experian Consumer Services for failure to comply with the federal CAN-SPAM Act.
Continue Reading FTC Announces Proposed Order Against Experian for CAN-SPAM Violations
Delaware Could Become the 13th State to Enact a Comprehensive State Privacy Law
Posted on
Posted in U.S. State Law
On June 30, 2023, the Delaware House of Representatives passed the Delaware Personal Data Privacy Act (H.B. 154), a day after the Delaware Senate passed the legislation. The DPDPA heads to Governor John Carney for a final signature. …
Continue Reading Delaware Could Become the 13th State to Enact a Comprehensive State Privacy Law
California AG Bonta Announces New Enforcement Sweep Aimed at Employers
Posted on
On July 14, 2023, California Attorney General Rob Bonta announced a new enforcement sweep aimed at ensuring that companies comply with the California Consumer Privacy Act of 2018 with respect to the personal information of employees and job applicants.
Continue Reading California AG Bonta Announces New Enforcement Sweep Aimed at Employers
Oregon Consumer Privacy Act
Posted on
Posted in Enforcement, U.S. State Law
On June 22, 2023, the Oregon House of Representatives passed the Oregon Consumer Privacy Act (S.B. 619), which was previously passed by the Oregon Senate on June 20, 2023. The OCPA has been sent to the Oregon governor’s desk for signature. If signed, the OCPA would make Oregon the 12th state to have enacted comprehensive privacy legislation.
Continue Reading Oregon Consumer Privacy Act
New Washington State Geofencing Ban Set to Take Effect in July
Posted on
Posted in Health Privacy, U.S. State Law
On April 27, 2023, Washington adopted the My Health My Data Act. Most of the law’s provisions are not effective until March 31, 2024 (or June 30, 2024 for small businesses). The law’s geofencing prohibition, however, is set to take effect on July 23, 2023.
Continue Reading New Washington State Geofencing Ban Set to Take Effect in July
Potential Postponement of Enforcement of Final CPRA Regulations
Posted on
Posted in U.S. State Law
On June 29, 2023, the Superior Court of California for the County of Sacramento issued a Tentative Ruling providing for a postponement of enforcement of final CPRA regulations for 12 months after the regulations were finalized (i.e., March 29, 2024). …
Continue Reading Potential Postponement of Enforcement of Final CPRA Regulations
Connecticut and Nevada Legislatures Pass Health Data Laws
Posted on
On June 2 and June 5, 2023, the Connecticut and Nevada state legislatures, respectively, voted in favor of sending legislation to their governors for signature that would impose restrictions, among others, on the processing of consumer health data, including geofencing provisions. Nevada S.B. 370 was signed by Nevada Governor Joe Lombardo on June 16, 2023. …
Continue Reading Connecticut and Nevada Legislatures Pass Health Data Laws
Texas Passes Bill Requiring Digital Service Providers to Get Parental Consent for Create Minors’ Accounts
Posted on
On June 13, 2023, Texas Governor Greg Abbott signed H.B. 18, or the Securing Children Online through Parental Empowerment (“SCOPE”) Act that would require digital service providers to get parental consent to create an account with minors younger than 18 years of age. …
Texas Passes Bill Imposes Obligations on Digital Service Providers to Protect Minors
Posted on
On June 13, 2023, Texas Governor Greg Abbott signed H.B. 18, or the Securing Children Online through Parental Empowerment (“SCOPE”) Act that would impose obligations on digital service providers to protect minors.…