On June 13, 2023, Texas Governor Greg Abbott signed H.B. 18, or the Securing Children Online through Parental Empowerment (“SCOPE”) Act that would require digital service providers to get parental consent to create an account with minors younger than 18 years of age.
Service Provider
Texas Passes Bill Imposes Obligations on Digital Service Providers to Protect Minors
On June 13, 2023, Texas Governor Greg Abbott signed H.B. 18, or the Securing Children Online through Parental Empowerment (“SCOPE”) Act that would impose obligations on digital service providers to protect minors.…
UK Cyber Laws Extended to Bring Outsourcers and Managed Service Providers into Scope to Strengthen UK’s Resilience Against Online Cyber Attacks
On November 30, 2022, the UK government confirmed that the Network and Information Systems Regulations 2018 will be strengthened to protect essential and digital services against cyber attacks.
Continue Reading UK Cyber Laws Extended to Bring Outsourcers and Managed Service Providers into Scope to Strengthen UK’s Resilience Against Online Cyber Attacks
$100M FTC Enforcement Action Against Internet Phone Service Provider for Dark Patterns
On November 3, 2022, the Federal Trade Commission announced a proposed order to settle an action against an internet phone service provider, Vonage, that would require Vonage to pay $100 million in refunds to customers harmed by its practices, which the FTC alleged included “dark patterns” that made it difficult for customers to cancel their service. …
Continue Reading $100M FTC Enforcement Action Against Internet Phone Service Provider for Dark Patterns
New CFPB Interpretive Rule Targets Digital Marketing Providers
On August 10, 2022, the Consumer Financial Protection Bureau issued a new interpretive rule clarifying when digital marketing providers must comply with federal consumer financial protection law. Under the new rule, Big Tech companies that use behavioral advertising techniques to market financial products will be subject to the Consumer Financial Protection Act of 2010. …
Continue Reading New CFPB Interpretive Rule Targets Digital Marketing Providers
European Court of Human Rights Says Bulk Interception Is Not a Violation of Human Rights
On May 25, 2021, the Grand Chamber of the European Court of Human Rights handed down its judgement in the case of Big Brother Watch and Others v. the United Kingdom, determining that the former surveillance regime in the UK violated Article 8 of the European Convention on Human Rights (i.e., the right to respect for private and family life).
Continue Reading European Court of Human Rights Says Bulk Interception Is Not a Violation of Human Rights
Belgian DPA Approves First EU Data Protection Code of Conduct for Cloud Service Providers
On May 20, 2021, the Belgian Data Protection Authority announced that it had approved the EU Data Protection Code of Conduct for Cloud Service Providers, the first transnational EU code of conduct since the entry into force of the EU General Data Protection Regulation.
Continue Reading Belgian DPA Approves First EU Data Protection Code of Conduct for Cloud Service Providers
China Issues the Measures for the Supervision and Administration of Online Transactions
China’s State Administration for Market Regulation has recently issued Measures for the Supervision and Administration of Online Transactions. The Measures implement rules for the E-commerce Law of China and provide the specific rules for addressing registration of an online operation entity, supervision of new business models (such as social e-commerce and livestreaming), platform operators’ responsibilities, protection of consumers’ rights and protection of personal information.
Continue Reading China Issues the Measures for the Supervision and Administration of Online Transactions
CIPL Submits Comments on Irish DPC’s Guidance on Safeguarding Personal Data of Children
The Centre for Information Policy Leadership at Hunton Andrews Kurth has submitted its comments on the Irish Data Protection Commissioner’s draft guidance on the safeguarding of the personal data of children when providing online services.
Continue Reading CIPL Submits Comments on Irish DPC’s Guidance on Safeguarding Personal Data of Children
French Highest Court Rejects Suspension of Partnership with EU Service Provider Using AWS; Extends Application of the Schrems II Requirements
France’s highest administrative court recently issued a summary judgment that rejected a request for the suspension of the partnership between the French Ministry of Health and Doctolib, a leading provider of online medical consultations in Europe, for the management of COVID-19 vaccination appointments. …
Continue Reading French Highest Court Rejects Suspension of Partnership with EU Service Provider Using AWS; Extends Application of the Schrems II Requirements