On May 12, 2022, the European Data Protection Board published guidelines with a methodology for calculating fines for violations of the General Data Protection Regulation (GDPR). These guidelines were subject to a public consultation until June 27, 2022.
Because these guidelines are likely to have an influence on future decisions by data protection authorities in
On July 8, 2022, the California Privacy Protection Agency (Agency) announced the start of the formal rulemaking process to adopt proposed regulations implementing the California Privacy Rights Act (CPRA), which amends and expands the California Consumer Privacy Act (CCPA).
The CCPA entered into force on January 1, 2020; most of the CPRA’s provisions become effective
In the continuing absence of Congressional action on a comprehensive U.S. federal privacy law, five states have now enacted their own laws. We previously provided a summary of the California, Virginia, and Colorado laws (available here), and Connecticut and Utah have since enacted new privacy laws. The Connecticut Act Concerning Personal Data Privacy and
Alvaro Bedoya, a Democrat, was confirmed on May 11, 2022, to serve as the fifth Commissioner of the Federal Trade Commission (FTC). With the Senate deadlocked at 50-50 along partisan lines, Vice President Kamala Harris cast the tie-breaking vote. Bedoya replaces former Commissioner Rohit Chopra, who left the FTC last October to lead the Consumer
After the EU-U.S. Privacy Shield was rendered invalid by the Court of Justice of the European Union (CJEU) in July 2020, and following a prior challenge to the U.S.-EU Safe Harbor, many businesses operating on both sides of the pond scrambled to find other ways to protect data flows between the EU and U.S. that
In 2014, with childhood obesity on the rise in the United States, tech company Kurbo, Ltd. (Kurbo) marketed a free app for kids that, according to the company, was “designed to help kids and teens ages 8-17 reach a healthier weight.” When WW International (WW) (formerly Weight Watchers) acquired Kurbo in 2018, the app was
“Dark patterns” – social media platform interfaces that can lead users to make unintended and potentially harmful decisions regarding the processing of their personal data – are a subject of increasing scrutiny in the EU. New guidelines of the European Data Protection Board (EDPB) on “dark patterns in social media platform interfaces” confirm the focus
Children’s Online Privacy Protection Act (COPPA) enforcement actions closed out 2021 (see our blog post) and children’s online privacy remains a hot topic in Congress in 2022. After a series of articles by The Wall Street Journal last September uncovered Instagram’s own research on possible harms to teenagers from social media engagement, members of the
In the absence of a comprehensive U.S. federal privacy law, three states – California, Virginia, and Colorado – have enacted comprehensive privacy laws as of this year. The California Consumer Privacy Act (CCPA) is in effect now, and the California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), and Colorado Privacy Act (CPA)
The newly established California Privacy Protection Agency (the Agency) is soliciting public comments on a number of issues, as required by the California Privacy Rights Act (CPRA) that was passed by ballot initiative in November 2020. CPRA expands the rights afforded to California residents and the obligations imposed on businesses under the California Consumer Privacy
