Privacy

Ninth Circuit Addresses Personal Jurisdiction Based on E-Commerce Data Collection in En Banc Decision

April 24, 2025 By Rachel Lowe, Erin Edwards, Leila Knox and Jared Allen

A recent decision by the Ninth Circuit Court of Appeals in Briskin v. Shopify, Inc., No. 22-15815, could impact the scope of personal jurisdiction over e-commerce and other entities that utilize cookies to collect personal information from visitors to the entities’ websites, particularly in California. Although the impact of the case remains to be seen, […]

FTC Publishes Amendments to COPPA Rule

April 22, 2025 By Maki DePalo and Hyun Jai Oh

On April 22, 2025, the Federal Trade Commission (FTC) published the finalized amendments (Amendments) to the Children’s Online Privacy Protection Rule (COPPA Rule) that would impose additional restrictions on website and online service operators that collect personal information from children under the age of thirteen. The Amendments will become effective on June 23, 2025. Operators […]

State Regulators Form Privacy Law Implementation and Enforcement Group

April 17, 2025 By David Keating and Dorian Simmons

Eight state regulators have established a coalition called the Consortium of Privacy Regulators to collaborate on the implementation and enforcement of their privacy laws. According to announcements from the California Privacy Protection Agency (“CPPA”) and California Attorney General Rob Bonta, the Consortium aims to coordinate enforcement efforts, share priorities, and discuss developments in privacy law. […]

To Delete or Not to Delete: Can 23andMe Really Sell Genetic Data Via Bankruptcy?

April 7, 2025 By Daniel Felz, Joyce Gresko, William Sugden, Kennedy Bodnarek, Anna von Spakovsky and Sara Pullen

On March 23, 2025, 23andMe Holding Co. (“23andMe”) filed for bankruptcy in the Eastern District of Missouri, potentially setting in motion the sale of genetic data collected from more than 15 million people. This has led to news outlets and state Attorneys General encouraging consumers to delete their 23andMe data before it is sold as […]

European Commission Moves to Extend Free Flows of Personal Data to the UK

March 24, 2025 By Paul Greaves and Kelly Hagedorn

On March 18, 2025, the European Commission proposed to extend its adequacy decision in favor of the United Kingdom (‘UK’) for an additional six-month period. This would allow free flows of personal data from the EU to the UK to continue until December 2025. The existing adequacy decision – which was adopted in 2021 in […]