On Friday, February 9, as the country collectively packed up and prepared to head home for Super Bowl weekend, the Third Appellate District of the California Appellate Court issued an Order granting the California Privacy Protection Agency the ability to immediately enforce regulations implementing the California Privacy Rights Act, which were finalized in March 2023.
James Snell represents and counsels clients on a wide range of complex commercial matters, including privacy and security, Internet, marketing and intellectual property litigation and matters.
Building off of the momentum from last year’s torrent of new comprehensive state privacy laws, 2024 has begun with a bang as two more states have now entered the picture. On January 16, 2024, New Jersey became the latest state to enact comprehensive privacy legislation with the New Jersey Data Privacy Act (NJDPA). New Hampshire’s state legislature quickly followed suit by passing Senate Bill 255 and it is currently awaiting finalization before becoming law.Continue Reading Two New States Enter the Privacy Fray
The Board of the California Privacy Protection Agency (the CPPA) held its first meeting since July on Friday, September 8, 2023, and discussed the first public draft of cybersecurity audit regulations and risk assessment regulations. While the CPPA Board expressly announced that the drafts were for board meeting discussion purposes and that it has…
On June 6, 2023, Florida Governor Ron DeSantis signed Senate Bill 262 into law. SB 262 is a departure from the comprehensive privacy laws enacted by other states for a variety of reasons, including its (1) ban on government-directed moderation of social media, (2) restrictions on online interactions with minors (somewhat akin to the California Age-Appropriate Design Code), and (3) establishment of a “digital bill of rights” that creates general consumer privacy rights similar in many respects to those adopted in other states but, unlike them, Florida’s are narrowly applicable. Governor DeSantis has not shied away from saying the new law is directly aimed at “Big Tech,” and the targeted application of certain aspects of the law reflects that goal.
The ban on government-directed moderation took effect on July 1, 2023, with the protections for minors and digital bill of rights provisions set to take effect on July 1, 2024.Continue Reading Florida Enacts “Digital Bill of Rights” Combining Narrowly Applicable “Comprehensive” Privacy Provisions and More Broadly Applicable Restrictions on Children’s Privacy and Social Media Restrictions
One of the most litigated state telemarketing laws in the country has been significantly pared down. On May 2, 2023, the Florida legislature passed a bill to amend the Florida Telephone Solicitation Act (FTSA), Fla. Stat. § 501.059. The bill was presented to Florida Governor Ron DeSantis on May 16 and was signed into law on May 25. In this post, we cover the origins of the FTSA, its prior scope, and how the amendments modify the law. This amendment should significantly curtail lawsuits filed under the FTSA against companies that use technology to assist in placing calls to consumers.Continue Reading Florida Significantly Narrows the FTSA
The California Privacy Protection Agency (CPPA) released a statement on March 30, 2023, announcing that the California Office of Administrative Law (OAL) had approved the first substantive rulemaking package for the California Consumer Privacy Act (CCPA), amended by the California Privacy Rights Act (CPRA). As a result of this, the CCPA regulations in this rulemaking package are finalized and, according to their terms, effective immediately.Continue Reading Crossing the Finish Line: California Regulations Effective Immediately
After years out of circulation, class-action lawsuits asserting claims under the Video Protection Privacy Act are now back in reruns. More than 100 putative class actions alleging violations of the VPPA have been filed against publishers that use the Meta pixel on their websites.
It remains to be seen whether these lawsuits will survive evaluation…
The Board of the California Privacy Protection Agency (CPPA) approved a rulemaking package covering Sections 7000–7304 of their draft regulations on February 3, 2023. The board also initiated preliminary rulemaking activities for risk assessments, cybersecurity audits, and automated decision-making. In approving the rulemaking package, the CPPA did not make substantive changes to the version of its draft regulations published in October 2022, indicating that any changes following from the more than 400 pages of public comment analysis could be advanced in future rulemaking activities.Continue Reading Almost There and Starting Again: CPPA Votes To Finalize Regulations and Launches Round Two
While candy sales skyrocketed and trick-or-treaters donned costumes this past Halloween weekend, the California Privacy Protection Agency (Agency) Board was busy holding its first public meeting since September. Over the course of the two-day meeting on Friday and Saturday, October 28 and 29, the Agency welcomed new board member Alastair Mactaggart and discussed and debated numerous provisions of the Modified Draft Proposed California Consumer Privacy Act Regulations (Draft CCPA Regulations). Most importantly, it unanimously passed a motion directing the Agency staff to take all steps necessary to prepare and notice modifications to the text of the proposed regulatory amendments for an additional 15-day comment period.Continue Reading This is Not a Drill: CPPA Gets Closer to Finalizing Certain Privacy Regulations
Last week, the Consumer Privacy Protection Agency (Agency) Board rounded out the first half of 2022 by releasing draft California Privacy Rights Act (CPRA) regulations. This first set of CPRA regulations focus on updating existing California Consumer Privacy Act (CCPA) regulations to account for the new provisions of the CPRA and addressing specific areas such…