Data Protection

Tennessee Law Designed to Combat Deepfakes Set to Take Effect in July

June 10, 2024 By Kim Peretti and Andrew Rice

On July 1, 2024, the Tennessee Ensuring Likeness, Voice, and Image Security Act of 2024 (“ELVIS Act” or “the Act”) will go into effect, bolstering the limitations on the unauthorized commercial use of an individual’s voice. The Act, which amends the Tennessee Personal Rights Protection Act of 1984, was enacted in response to the growing […]

CISA Posts Notice of Proposed Rulemaking Under CIRCIA

April 7, 2024 By Kim Peretti and Kristen Bartolotta

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM) implementing the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). For additional background on CIRCIA, see our prior advisory. CISA is required to issue a final rule by October 4, 2025. Who is required to report covered […]

FTC Denies an Application to Add a New Verifiable Parental Consent Mechanism Under COPPA Rule Without Prejudice

April 2, 2024 By Maki DePalo and Hyun Jai Oh

On March 29, 2024, the Federal Trade Commission (the “FTC”) published a unanimous decision to deny an application by the Entertainment Software Rating Board, Yoti, and SuperAwesome (collectively, the “Applicants”) to add a new verifiable parental consent (“VPC”) mechanism under the Children’s Online Privacy Protection Rule (“COPPA Rule”). The application, which our previous blog post […]

China Releases Updated Regulations on Permits Needed for Transferring Data out of China

April 2, 2024 By Daniel Felz and Yin Tydir

On March 22, 2024, the Cyberspace Administration of China (CAC) published the Regulations on Promoting and Regulating Cross-border Data Flow (the “Regulations”), effective immediately. The Regulations supplement China data protection laws (the Cybersecurity Law, the Data Security Law, and the Personal Information Protection Law), and take precedence over previously-issued data transfer rules, such as (a) […]

State AGs and Other Stakeholders Weigh In On Proposed COPPA Rule Update

March 14, 2024 By Karen Sanzaro and Hyun Jai Oh

The Federal Trade Commission (FTC) received over 270 comments to its notice of proposed rulemaking (NPRM) for the amendments to the Children’s Online Privacy Protection Rule (COPPA Rule) during the public comment period that ended on March 11, 2024. The NPRM reflects the FTC’s continued effort to modernize the COPPA Rule, which implements the Children’s […]