On February 14, 2023, the CPPA announced that it had filed its first substantive rulemaking package for the proposed final draft CPRA regulations with California’s Office of Administrative Law, beginning a 30-day review period.
Continue Reading CPPA Files Proposed Final CPRA Regulations with California OAL, Kicking Off 30-Day Review Period

On February 10, 2023, the California Privacy Protection Agency issued an Invitation for Preliminary Comments on Proposed Rulemaking on cybersecurity audits, risk assessments and automated decisionmaking.
Continue Reading CPPA Invites Preliminary Comments on Proposed CPRA Rulemaking on Cybersecurity Audits, Risk Assessments and Automated Decisionmaking

On February 3, 2023, the California Privacy Protection Agency Board unanimously approved for submission to California’s Office of Administrative Law proposed final California Privacy Rights Act regulations released on January 31, 2023 which update the draft CPRA regulations released on November 3, 2022.
Continue Reading CPPA Approves Proposed Final CPRA Regulations for Submission to OAL

On February 1, 2023, the Federal Trade Commission announced that it entered into a proposed order with GoodRx, a telehealth and prescription drug discount provider, for violations of the FTC’s Health Breach Notification Rule stemming from GoodRx’s unauthorized disclosures of consumers’ personal health information to third party advertisers and other companies.
Continue Reading GoodRx to Pay $1.5 Million in First Ever FTC Health Breach Notification Rule Enforcement Action

On January 27, 2023, California Attorney General Rob Bonta announced a new enforcement sweep aimed at businesses with mobile apps and other businesses that fail to comply with the California Consumer Privacy Act.
Continue Reading California AG Announces CCPA Enforcement Sweep Aimed at Mobile Apps and Authorized Agent Requests

On January 23, 2023, the California Privacy Protection Agency Board announced that it will hold a public meeting on February 3, 2023 regarding the status of the California Privacy Rights Act of 2020 rulemaking process, particularly with respect to the issuance of new draft rules on risk assessments, cybersecurity audits and automated decisionmaking.
Continue Reading CPPA Board to Hold Meeting on Status of CPRA Rulemaking