Privacy

California Privacy Protection Agency Releases Draft Regulations on Risk Assessments

September 27, 2023 By Dorian Simmons and Hyun Jai Oh

On August 28, 2023, the California Privacy Protection Agency (the “Agency”) released two sets of draft regulations under the California Consumer Privacy Act (the “CCPA”), one for risk assessments and another for cybersecurity audits, as part of the Agency’s informal rulemaking process. We discuss the draft cybersecurity audits in California Proposes Annual Audits to Assess […]

Oregon Enacts Comprehensive State Privacy Law

September 15, 2023 By Dorian Simmons and John Heflin

On July 18, 2023, Oregon Governor Tina Kotek signed the Oregon Consumer Privacy Act (SB 619)(“OCPA”) into law, making Oregon the eleventh state to enact a comprehensive state privacy law. OCPA will take effect on July 1, 2024, however the effective date for covered non-profits is delayed until July 1, 2025. While OPCA aligns with […]

Oregon Becomes the Fourth State to Enact a Data Broker Law

August 11, 2023 By Maki DePalo and Hyun Jai Oh

Oregon Governor Tina Kotek signed into law the Bill Relating to Registration of Business Entities that Qualify as Data Brokers (HB 2052) (the “Act”) on July 27, 2023. Effective January 1, 2024, the Act will require data brokers to annually register with the Oregon Department of Consumer and Business Services (the “Department”). The Act makes […]

FTC Launches Investigation into Creator of ChatGPT

July 25, 2023 By Kim Peretti, Kathleen Benway, Daniel Felz and Kristen Bartolotta

In mid-July, the Federal Trade Commission (FTC) reportedly opened an investigation into OpenAI, the maker of ChatGPT, sending the company an extensive Civil Investigative Demand (CID). While FTC investigations are normally non-public, the Washington Post published what appears to be part of the CID sent from the FTC to OpenAI. This investigation comes on the […]

FTC Seeks Comments on a New Verifiable Parental Consent Mechanism Under COPPA

July 24, 2023 By Kathleen Benway, Maki DePalo and Hyun Jai Oh

On July 19, 2023, the Federal Trade Commission (the “FTC”) announced that it is seeking comment on an application for a new verifiable parental consent mechanism under the Children’s Online Privacy Protection Act (“COPPA”). The application, submitted jointly by the Entertainment Software Rating Board, Yoti, and SuperAwesome (collectively, the “Applicants”), requests the FTC to approve […]