Photo of Sheila MillarPhoto of Tracy P. Marshall

At a press conference on August 11, 2022, the Federal Trade Commission (FTC or Commission) announced an Advance Notice of Proposed Rulemaking (ANPR), which was published, along with a fact sheet, to explore potential new rules governing what the FTC characterizes as prevalent “commercial surveillance” and “lax data security practices.” The FTC issued the

Photo of Sheila Millar

On August 24, 2022, the Federal Trade Commission (FTC or Commission) submitted a report to the Congressional Committees on Appropriations detailing current resources and personnel dedicated to COPPA enforcement, the number of COPPA violation investigations over the past five years, and the types of relief obtained in completed investigations. The report was submitted in response

Photo of Peter Craddock

Since it started in May 2018, enforcement of the rules of the General Data Protection Regulation (GDPR) across the EU has revealed various national trends and differences in approach. Yet one difference seems to dwarf all others: the variation in the amount of the fines for GDPR violations. This has led the European Data Protection

Photo of Sheila MillarPhoto of Tracy P. MarshallPhoto of Peter Craddock

On May 12, 2022, the European Data Protection Board published guidelines with a methodology for calculating fines for violations of the General Data Protection Regulation (GDPR). These guidelines were subject to a public consultation until June 27, 2022.

Because these guidelines are likely to have an influence on future decisions by data protection authorities in

Photo of Sheila MillarPhoto of Tracy P. Marshall

On July 8, 2022, the California Privacy Protection Agency (Agency) announced the start of the formal rulemaking process to adopt proposed regulations implementing the California Privacy Rights Act (CPRA), which amends and expands the California Consumer Privacy Act (CCPA).

The CCPA entered into force on January 1, 2020; most of the CPRA’s provisions become effective

Photo of Sheila MillarPhoto of Tracy P. Marshall

In the continuing absence of Congressional action on a comprehensive U.S. federal privacy law, five states have now enacted their own laws. We previously provided a summary of the California, Virginia, and Colorado laws (available here), and Connecticut and Utah have since enacted new privacy laws. The Connecticut Act Concerning Personal Data Privacy and

Photo of Sheila MillarPhoto of Tracy P. Marshall

Alvaro Bedoya, a Democrat, was confirmed on May 11, 2022, to serve as the fifth Commissioner of the Federal Trade Commission (FTC). With the Senate deadlocked at 50-50 along partisan lines, Vice President Kamala Harris cast the tie-breaking vote. Bedoya replaces former Commissioner Rohit Chopra, who left the FTC last October to lead the Consumer