California passed the California Consumer Privacy Act (CCPA) in September 2018, and the CCPA enters into force on January 1, 2020. One of the CCPA’s core elements is a right for consumers to know when a company is selling their data, and to opt-out of data sales at any time. This was the primary focus […]
Data Protection
FTC Announces New Cybersecurity Requirements, Privacy Rule Update
In March, the Federal Trade Commission announced proposed updates to two key privacy and security regulations, the Safeguards Rule and Privacy Rule. Both rules implement regulations under the federal Gramm Leach Bliley Act, and the FTC seeks comments for both. The FTC’s proposed update to the Safeguards Rule would impose a number of information security […]
Proposed Amendment to California Consumer Privacy Act Would Expand Private Right of Action
On February 25, California’s Attorney General Xavier Becerra and Senator Hannah-Beth Jackson introduced new legislation to amend the California Consumer Privacy Act (CCPA). The CCPA as currently enacted establishes a private right of action for consumers impacted by cyber security breaches. The amendment, known as SB-561, would expand the private right of action to cover any violation of […]
Google-Style GDPR Fines for Everyone? Bavarian DPA Conducts Website Cookie Practices Sweep, Announces Fines under Consideration
As has been widely reported, in late January the French privacy supervisor CNIL fined Google €50 million for privacy violations relating to targeted marketing using Android user data. One of the core violations the CNIL found was that Google’s Android user interface did not obtain effective, GDPR-compliant consent to targeted marketing from users. The amount […]
EU and Japan Publish a Joint Release on Their Mutual Adequacy Decisions
On January 23, 2019, the Personal Information Protection Commission of Japan (the “PPC”) and the European Commission (the “Commission”) jointly announced the adoption of the decisions recognizing each other’s personal data protection systems as equivalent. The Commission launched the process leading to the adoption of the adequacy decision in September 2018 and successfully completed the […]