On July 10, 2023, the European Commission (EC) adopted its long-awaited adequacy decision for the United States, resulting in the new EU-U.S. Data Privacy Framework (DPF or Framework). For more information, see our European Commission Adopts EU-U.S. Adequacy Decision blog post.
Qualified Adequacy Decision for the United States. Typically, EC
Following on the heels of a California Superior Court’s last minute ruling that stayed enforcement of the revised California Consumer Privacy Act (CCPA) regulations, as previously discussed on this blog, California’s data privacy regulators have responded in ways that confirm they are more committed than ever to holding businesses accountable for alleged violations
On June 30, 2023, the Superior Court for the County of Sacramento issued a minute order enjoining the California Privacy Protection Agency (CPPA or Agency) from enforcing updates to the existing CCPA regulations until March 29, 2024, twelve months after they were finalized. However, the Agency’s enforcement of the CCPA, as now amended by the California
On Oct. 18, 2022, the UK Information Commissioner’s Office (ICO) updated its “Guidance on Direct Marketing Using Electronic Mail,” providing refreshed FAQs regarding what constitutes electronic mail marketing, related rules and responsibilities, and miscellaneous clarifications to compliance questions such as “are tracking pixels covered by the electronic mail marketing rules?” (Short answer: technically no, but
On July 8, 2022, the California Privacy Protection Agency (CPPA) issued proposed amendments to the California Consumer Privacy Act (CCPA) regulations to harmonize them with the California Privacy Rights Act of 2020 (CPRA), which will go into effect on Jan. 1, 2023. Individuals or companies have until Aug. 23, 2022, at 5 p.m. to submit
This article was originally posted by IAPP here. Reprinted with permission.
In July, the office of the attorney general of California marked the one-year anniversary of its enforcement of the California Consumer Privacy Act by issuing a press release to tout its “successful enforcement efforts.” Also well-publicized, in the same announcement, the office unveiled
In a unanimous decision released on April 22, 2021, the U.S. Supreme Court upended decades of lower court precedent by finding that Section 13(b) of the Federal Trade Commission Act (FTC Act) does not authorize the FTC to seek, or a court to award, equitable monetary relief such as restitution or disgorgement. Instead, in AMG
New regulations to the California Consumer Privacy Act (CCPA) took effect in March that prohibit businesses from using on their websites “dark patterns” that make it difficult for California consumers to opt out of the sale of their personal information.
A dark pattern is a potentially manipulative user interface design that can have the effect,
On March 2, 2021, Virginia Gov. Ralph Northam signed the Virginia Consumer Data Protection Act (CDPA) into law, making Virginia the second state to have comprehensive data privacy legislation on the books. The CDPA is similar to the privacy regime enacted under the California Consumer Privacy Act (CCPA) and expanded under the California Privacy Rights
On Feb. 10, 2021, Acting Federal Trade Commission (FTC) Chairwoman Rebecca Kelly Slaughter offered a glimpse of where the FTC may be headed under the Biden administration and confirmed that privacy remains among the Commission’s top priorities.
In her keynote address to the Future of Privacy Forum, Slaughter shared her views on the FTC’s role