On November 3, 2022, the California Privacy Protection Agency (“CPPA”) issued a notice of modifications to the Proposed Regulations implementing the California Privacy Rights Act (“CPRA”). These proposed modifications come in response to public comments on, and are meant to clarify, previously issued modifications. The modifications, which are largely based on the Modified Proposed Regulations […]
ePrivacy
FTC Issues Advance Notice of Proposed Rulemaking on Commercial Surveillance and Data Security
On August 22, 2022, the Federal Trade Commission (FTC) published its advance notice of proposed rulemaking (ANPR) to request public comment on commercial surveillance and data security practices. The ANPR comes at the same time as Congress is considering the federal American Data Privacy and Protection Act (ADPPA). The FTC seeks public comment on a […]
Colorado Issues Pre-Rulemaking Considerations for the Colorado Privacy Act
On April 12, 2022, the Colorado Department of Law (the “Department”) released its Pre-Rulemaking Considerations for the Colorado Privacy Act (the “CPA”), following state Attorney General Phil Weiser’s remarks at the International Association of Privacy Professionals’ (IAPP) Global Privacy Summit in Washington, D.C. The Department seeks informal input on several topics in addition to general […]
CPPA Expected Not to Meet CPRA Rulemaking Deadline
At a board meeting held by the California Privacy Protection Agency (CPPA) on February 17, 2022, Executive Director Ashkan Soltani announced that the CPPA does not expect to meet the July 1, 2022, statutory deadline for adopting final regulations under the California Privacy Rights Act. The CPPA plans to schedule meetings in March and April […]
September 27 Deadline Looming for EU Standard Contractual Clauses
On June 4th, the European Commission issued modernized Standard Contractual Clauses (SCCs) under the EU General Data Protection Regulation (GDPR) for data transfers from controllers or processors in the EU/EEA (or otherwise subject to the EU GDPR) to controllers or processors outside the EU/EEA (and not subject to the EU GDPR). The modernized SCCs will […]