At a press conference on August 11, 2022, the Federal Trade Commission (FTC or Commission) announced an Advance Notice of Proposed Rulemaking (ANPR), which was published, along with a fact sheet, to explore potential new rules governing what the FTC characterizes as prevalent “commercial surveillance” and “lax data security practices.” The FTC issued the
Data Privacy
Thought Those 300 GDPR Fines Were High? Think Again

Since it started in May 2018, enforcement of the rules of the General Data Protection Regulation (GDPR) across the EU has revealed various national trends and differences in approach. Yet one difference seems to dwarf all others: the variation in the amount of the fines for GDPR violations. This has led the European Data Protection…
Meet DeFine, a GDPR Fine Calculator



On May 12, 2022, the European Data Protection Board published guidelines with a methodology for calculating fines for violations of the General Data Protection Regulation (GDPR). These guidelines were subject to a public consultation until June 27, 2022.
Because these guidelines are likely to have an influence on future decisions by data protection authorities in…
The State of U.S. State Privacy Laws: A Comparison


In the continuing absence of Congressional action on a comprehensive U.S. federal privacy law, five states have now enacted their own laws. We previously provided a summary of the California, Virginia, and Colorado laws (available here), and Connecticut and Utah have since enacted new privacy laws. The Connecticut Act Concerning Personal Data Privacy and…
CISA “Shields Up” Campaign Offers Practical Cybersecurity Guidance for Organizations


As cyberattacks from a myriad of sources continue to proliferate and target organizations of all types and sizes, the Cybersecurity and Infrastructure Security Agency (CISA) continues to update its Shield’s Up webpage with specific cybersecurity guidance for organizations, CEOs, business leaders, and individuals. The stated goal is to “reduce the likelihood of a damaging cyber…
What’s Next After Facebook’s Record $5 Billion Fine and Cambridge Analytica?


Facebook is facing some big changes after the Federal Trade Commission (FTC) settled with the social media giant over charges that it violated an earlier consent agreement. The company will pay a penalty of $5 billion, which is not only the biggest privacy fine in history, but also, according to FTC commissioner Noah Phillips, “almost…
FTC and D-Link Settle Data Security Dispute


After protracted litigation, the Federal Trade Commission (FTC) entered into a proposed settlement with computer software manufacturer D-Link over charges that the company misrepresented the security of its wireless routers and Internet-connected cameras and failed to take reasonable software testing and remediation measures to protect the devices.
As we previously reported, part of the…