Photo of Sheila A. MillarPhoto of Tracy P. Marshall

As Congress remains locked in a stalemate over the terms of a comprehensive federal privacy law, states continue to forge ahead. Following California, Virginia is the second U.S. state to enact its own comprehensive privacy law governing the collection and use of personal data. Governor Ralph Northam signed the Virginia Consumer Data Protection Act (CDPA)

Photo of Sheila A. MillarPhoto of Tracy P. Marshall

Protecting the online privacy of children by enforcing the Children’s Online Privacy Protection Act (COPPA) continues to be of paramount importance to federal and state regulators. In addition to the Federal Trade Commission (FTC), several state attorneys general (AGs) have brought COPPA actions recently, including the New Mexico and California AGs, and, most notably, the

Photo of Sheila A. MillarPhoto of Tracy P. Marshall

A recent Federal Trade Commission (FTC) settlement with an online game company that allegedly tracked children illegally highlights some important questions, namely, how should the FTC assess the penalties it imposes for privacy violations, and what is the most effective way to both deter and punish companies for such violations?

The complaint in question was

Photo of Sheila A. MillarPhoto of Tracy P. Marshall

One of the first formal privacy safe harbor programs was created under the Children’s Online Privacy Protection Act (COPPA). Put simply, businesses are deemed in compliance with COPPA if they belong to an FTC-approved COPPA safe harbor program and follow the safe harbor program’s guidelines. But the FTC takes seriously any false claim about participation

Photo of Sheila A. MillarPhoto of Tracy P. Marshall

The UK Information Commissioner’s Office (ICO) recently finalized its Age-appropriate design: a code of practice for online services (the code). The code applies to any “relevant information society services which are likely to be accessed by children” (by which the ICO means minors under age 18), whether designed for kids or general audiences. The new

Photo of Sheila A. MillarPhoto of Tracy P. Marshall

The Federal Trade Commission (FTC) recently released its annual report highlighting its work on privacy and data security during 2018. The FTC initiated five enforcement actions arising out of data breaches and nine data privacy enforcement actions in 2018, including cases against online payment system Venmo and mobile phone maker BLU for misrepresenting their privacy

Photo of Sheila A. MillarPhoto of Tracy P. Marshall

The Federal Trade Commission (FTC) approved modifications to the video game industry’s Children’s Online Privacy Protection Act (COPPA) program. Earlier this year, the Entertainment Software Ratings Board (ESRB) proposed several substantive changes intended to take account of recent FTC COPPA rules and guidance.

To receive FTC approval, COPPA safe harbor programs must “implement substantially

Photo of Sheila A. MillarPhoto of Tracy P. Marshall

Online talent search company Explore Talent just landed in the spotlight of the Federal Trade Commission (FTC). The Vegas-based company was charged with violating the Children’s Online Privacy Protection Act (COPPA), which requires that companies collecting information online must obtain informed, verifiable parental consent before collecting any information from a child under 13. The company

Photo of Sheila A. Millar

The Federal Trade Commission (FTC) has approved changes TRUSTe proposed to its safe harbor program several months ago under the Children’s Online Privacy Protection Act (COPPA) Rule. The approved modifications include a new requirement that program participants conduct an annual internal assessment of third-parties’ collection of personal information from children on their websites or