Privacy & Cybersecurity Litigation

California AG Announces $500,000 Settlement with Mobile Game App Company for Unlawful Collection and Sharing of Children’s Data

July 15, 2024 By Maki DePalo, Jennifer Everett, Dorian Simmons and Hyun Jai Oh

On June 18, 2024, California Attorney General (“AG”) Rob Bonta and Los Angeles City Attorney Hydee Feldstein Soto announced a settlement with a video game developer and publisher regarding allegations that the company violated the California Consumer Privacy Act (the “CCPA”), the federal Children’s Online Privacy Protection Act (“COPPA”) and California’s Unfair Competition Law (the […]

Data Breach Notification Requirements under the Safeguards Rule Now in Effect

June 11, 2024 By Daniel Felz and Dorian Simmons

For years, the Gramm-Leach-Bliley Act (GLBA) has required financial institutions to maintain reasonable safeguards for consumer data, but has only had limited breach-reporting requirements. To the extent financial institutions were subject to breach-reporting obligations, these were set by non-GLBA legislation, such as state law, or by relatively narrow incident-reporting rules under Interagency Guidelines overseen by […]

FTC Denies an Application to Add a New Verifiable Parental Consent Mechanism Under COPPA Rule Without Prejudice

April 2, 2024 By Maki DePalo and Hyun Jai Oh

On March 29, 2024, the Federal Trade Commission (the “FTC”) published a unanimous decision to deny an application by the Entertainment Software Rating Board, Yoti, and SuperAwesome (collectively, the “Applicants”) to add a new verifiable parental consent (“VPC”) mechanism under the Children’s Online Privacy Protection Rule (“COPPA Rule”). The application, which our previous blog post […]

More Guidance from HHS on Online Tracking Technologies but Questions Remain

March 20, 2024 By Daniel Felz and David Keating

Health and Human Services (“HHS”) released updated guidance yesterday on the use of online tracking technologies (like cookies, pixels, software development kits (SDKs), etc.) by HIPAA Covered Entities (the “Updated Guidance”). The Updated Guidance amends and supersedes HHS’s original guidance on the use of digital tracking technologies published on December 1, 2022 (the “Prior Guidance”). […]

State AGs and Other Stakeholders Weigh In On Proposed COPPA Rule Update

March 14, 2024 By Karen Sanzaro and Hyun Jai Oh

The Federal Trade Commission (FTC) received over 270 comments to its notice of proposed rulemaking (NPRM) for the amendments to the Children’s Online Privacy Protection Rule (COPPA Rule) during the public comment period that ended on March 11, 2024. The NPRM reflects the FTC’s continued effort to modernize the COPPA Rule, which implements the Children’s […]