On July 18, 2023, Oregon Governor Tina Kotek signed the Oregon Consumer Privacy Act (SB 619)(“OCPA”) into law, making Oregon the eleventh state to enact a comprehensive state privacy law. OCPA will take effect on July 1, 2024, however the effective date for covered non-profits is delayed until July 1, 2025. While OCPA aligns with […]
NIST Cybersecurity Framework 2.0 Released for Public Comment
On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment. This marks the first significant update to the NIST Cybersecurity Framework (“Framework”) since its initial release in 2014, which is intended to address current and future cybersecurity […]
California Attorney General Launches CCPA Investigative Sweep for Employers
On July 14, 2023, California Attorney General Rob Bonta launched investigations into large California employers regarding their compliance with the California Consumer Privacy Act (the “CCPA”) as it relates to their processing of employee and job applicant personal information. Attorney General Bonta’s investigative sweep is the first CCPA enforcement activity related to employee data. The […]
Texas Becomes Tenth State to Enact a Comprehensive State Privacy Law
On June 18, 2023, Texas Governor Greg Abbott signed the Texas Data Privacy and Security Act (HB 4) (“TDPSA”) into law, making Texas the latest contributor to the growing patchwork of comprehensive U.S. state privacy laws. TDPSA takes effect July 1, 2024, except for provisions that enable consumers to designate authorized agents to exercise on […]
FTC Issues Advance Notice of Proposed Rulemaking on Commercial Surveillance and Data Security
On August 22, 2022, the Federal Trade Commission (FTC) published its advance notice of proposed rulemaking (ANPR) to request public comment on commercial surveillance and data security practices. The ANPR comes at the same time as Congress is considering the federal American Data Privacy and Protection Act (ADPPA). The FTC seeks public comment on a […]