The Better Business Bureau recently announced the launch of the TeenAge Privacy Program, which proposes a self-regulatory framework for companies to use in order to protect teen consumers and guide the responsible collection and management of teen data. The CISR’s new framework helps to address recent attention to the privacy and safety of teens online

Companies doing business in the United States should start preparing for the Utah Consumer Privacy Act, which was signed into law on March 24, 2022, and will go into effect on December 31, 2023. The law is more business-friendly than existing omnibus state privacy laws, in that it generally provides fewer consumer rights and company

California’s proliferation of new privacy laws shows no sign of slowing. In September and October, California’s Governor Gavin Newsom signed multiple privacy bills into law, covering genetics, abortion rights, and updates to the California Privacy Rights Act (CPRA) in Assembly Bill 694 (AB 694), which among other things clarifies the timing of the California Privacy Protection Agency’s (CPPA) rulemaking responsibilities.
Continue Reading California’s Governor Newsom Signs New Privacy Law Clarifying Timeline for CPRA Regulations

There have been several notable developments this month at the California Attorney General’s office relating to the CCPA. First, California Attorney General (AG) Rob Bonta held a press conference and issued a press release regarding CCPA enforcement in the past year. AG Bonta signaled that under his leadership, as under prior California Attorneys General, such as now Vice President Kamala Harris and United States Department of Health and Human Services Secretary Xavier Becerra, the AG’s office will continue its focus on privacy. AG Bonta emphasized the importance of the CCPA at a time when so much of our lives has moved online due to the COVID-19 pandemic and that “there’s more work to be done.” He reported “great progress” in CCPA enforcement, noting that 75% of businesses that received a notice of violation came into compliance within the CCPA’s 30-day cure period, while the remaining 25% are within the cure period or currently under active investigation.
Continue Reading Recent Developments at the California Attorney General’s Office Concerning the CCPA and Enforcement

Colorado Governor Jared Polis signed the Colorado Privacy Act (CPA) into law on July 7, 2021, making it the third comprehensive state privacy law enacted in the United States. California led with the California Consumer Privacy Act (CCPA), which was recently amended by the California Privacy Rights Act of 2020, and the Virginia Consumer Data

It’s a new year and it looks like 2021 is going to be another eventful one for privacy. In the past few weeks, we’ve seen several states introduce new privacy legislation, starting with Washington. On January 5, the Washington Privacy Act of 2021 (SB 5062) was introduced in the Washington State Senate and

When creating a privacy program, it is important to look ahead and think strategically about who your audience might be. For businesses that might find themselves under the scrutiny of regulators and judges because of a lawsuit, unwanted publicity, or data breach, it is critical to be able to demonstrate substantial compliance for the program they’ve implemented. This can be accomplished by developing privacy programs that follow guidance promulgated by their audience—regulators and courts. This guidance includes the CNIL’s (the French Data Protection Authority’s) Six Steps for GDPR Compliance, along with Federal Trade Commission orders such as the Vizio 2017 order, which provide a roadmap for a comprehensive privacy program that can be distilled down to six main phases
Continue Reading Six Phases of Compliance for a Comprehensive Privacy Program