State Attorneys General

Colorado AG Publishes Second Draft of Colorado Privacy Act Rules

Posted on January 3, 2023

On December 21, 2022, the Colorado Attorney General published an updated version of the draft rules to the Colorado Privacy Act.
Continue Reading Colorado AG Publishes Second Draft of Colorado Privacy Act Rules

Google Agrees to $391.5 Million Settlement with 40 States over Misleading Location Tracking Practices

Posted on November 15, 2022

Posted in Information Security, U.S. State Law

On November 14, 2022, Google LLC agreed to a $391.5 million settlement with the attorneys general of 40 U.S. states over the company’s location tracking controls available in its user account settings. …
Continue Reading Google Agrees to $391.5 Million Settlement with 40 States over Misleading Location Tracking Practices

California Privacy Protection Agency Holds Board Meeting on CCPA/CPRA Modified Proposed Regulations

Posted on November 4, 2022

Posted in U.S. State Law

On October 28-29, 2022, the California Privacy Protection Agency held a Board Meeting to discuss the modified proposed regulations promulgated for compliance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, as well as the remainder of the rulemaking process. …
Continue Reading California Privacy Protection Agency Holds Board Meeting on CCPA/CPRA Modified Proposed Regulations

Colorado AG Publishes Draft Colorado Privacy Act Rules

Posted on November 1, 2022

Posted in Enforcement, U.S. State Law

Last month, the Colorado Attorney General’s Office submitted an initial draft of the Colorado Privacy Act Rules, which will implement and enforce the Colorado Privacy Act.
Continue Reading Colorado AG Publishes Draft Colorado Privacy Act Rules

Texas AG Sues Google for Alleged Violations of State Biometric Privacy Law

Posted on October 25, 2022

Posted in Information Security, U.S. State Law

On October 20, 2022, Texas Attorney General Ken Paxton brought suit against Google alleging various violations of Texas’s biometric privacy law, including that the company unlawfully collected and used the biometric data of millions of Texans without obtaining proper consent. …
Continue Reading Texas AG Sues Google for Alleged Violations of State Biometric Privacy Law

New York Legislature Considers New York Child Data Privacy and Protection Act

Posted on October 25, 2022

Posted in Behavioral Advertising, Children’s Privacy, Enforcement, Marketing, Online Privacy, U.S. State Law

On September 23, 2022, New York State Senator Andrew Gounardes introduced S9563, also known as the “New York Child Data Privacy and Protection Act.” …
Continue Reading New York Legislature Considers New York Child Data Privacy and Protection Act

New York Attorney General Fines E-Commerce Parent Company for Failing to Properly Handle a Data Breach

Posted on October 19, 2022

Posted in Cybersecurity, Information Security, Security Breach

On October 12, 2022, New York Attorney General Letitia James announced that her office had secured a $1.9 million penalty from e-commerce retailer Zoetop, owner of SHEIN and ROMWE, following an improperly handled data breach.
Continue Reading New York Attorney General Fines E-Commerce Parent Company for Failing to Properly Handle a Data Breach

California Enacts the California Age-Appropriate Design Code Act

Posted on September 15, 2022

Posted in Children’s Privacy, Online Privacy, U.S. State Law

On September 15, 2022, California Governor Gavin Newsom signed into law the California Age-Appropriate Design Code Act. The Act, which takes effect July 1, 2024, places new legal obligations on companies with respect to online products and services that are likely to be accessed by children under the age of 18.
Continue Reading California Enacts the California Age-Appropriate Design Code Act

Wawa Inc. Settles Multi-State AG Breach Investigation for $8 Million

Posted on September 6, 2022

Posted in Cybersecurity, Enforcement, Information Security, Security Breach, U.S. State Law

On July 26, 2022, the attorneys general of New Jersey, Pennsylvania, Delaware, Maryland, Virginia, Florida and Washington D.C. announced an $8 million multistate settlement with Wawa Inc. that resolves the states’ investigation into a 2019 data breach that compromised approximately 34 million payment cards used by consumers at Wawa stores and fueling locations. …
Continue Reading Wawa Inc. Settles Multi-State AG Breach Investigation for $8 Million

California AG Provides Summary of Recent CCPA Enforcement Actions, with Focus on Global Privacy Control

Posted on August 31, 2022

Posted in Enforcement, Online Privacy, U.S. State Law

On August 24, 2022, the California Office of the Attorney General announced a new wave of enforcement efforts targeted at business’ recognition of the Global Privacy Control, and issued an updated summary of recent CCPA enforcement efforts.
Continue Reading California AG Provides Summary of Recent CCPA Enforcement Actions, with Focus on Global Privacy Control

Menu

Privacy & Information Security Law Blog