Board Governance & Cyber Risk Management

FTC Denies an Application to Add a New Verifiable Parental Consent Mechanism Under COPPA Rule Without Prejudice

April 2, 2024 By Maki DePalo and Hyun Jai Oh

On March 29, 2024, the Federal Trade Commission (the “FTC”) published a unanimous decision to deny an application by the Entertainment Software Rating Board, Yoti, and SuperAwesome (collectively, the “Applicants”) to add a new verifiable parental consent (“VPC”) mechanism under the Children’s Online Privacy Protection Rule (“COPPA Rule”). The application, which our previous blog post […]

China Releases Updated Regulations on Permits Needed for Transferring Data out of China

April 2, 2024 By Daniel Felz and Yin Tydir

On March 22, 2024, the Cyberspace Administration of China (CAC) published the Regulations on Promoting and Regulating Cross-border Data Flow (the “Regulations”), effective immediately. The Regulations supplement China data protection laws (the Cybersecurity Law, the Data Security Law, and the Personal Information Protection Law), and take precedence over previously-issued data transfer rules, such as (a) […]

More Guidance from HHS on Online Tracking Technologies but Questions Remain

March 20, 2024 By Daniel Felz and David Keating

Health and Human Services (“HHS”) released updated guidance yesterday on the use of online tracking technologies (like cookies, pixels, software development kits (SDKs), etc.) by HIPAA Covered Entities (the “Updated Guidance”). The Updated Guidance amends and supersedes HHS’s original guidance on the use of digital tracking technologies published on December 1, 2022 (the “Prior Guidance”). […]

State AGs and Other Stakeholders Weigh In On Proposed COPPA Rule Update

March 14, 2024 By Karen Sanzaro and Hyun Jai Oh

The Federal Trade Commission (FTC) received over 270 comments to its notice of proposed rulemaking (NPRM) for the amendments to the Children’s Online Privacy Protection Rule (COPPA Rule) during the public comment period that ended on March 11, 2024. The NPRM reflects the FTC’s continued effort to modernize the COPPA Rule, which implements the Children’s […]

White House Executive Order to Regulate Transactions Involving Sensitive Personal Data of Americans

February 28, 2024 By Daniel Felz, David Keating, Jason Waite and John Lesko

Today, the White House announced that President Biden will sign an executive order designed to protect sensitive data of U.S. persons from exploitation by identified countries of concern. This executive order is expected to be published later today, and to direct the Department of Justice (DOJ) to issue regulations designed to address transactions that involve […]