The Federal Trade Commission (FTC) received over 270 comments to its notice of proposed rulemaking (NPRM) for the amendments to the Children’s Online Privacy Protection Rule (COPPA Rule) during the public comment period that ended on March 11, 2024. The NPRM reflects the FTC’s continued effort to modernize the COPPA Rule, which implements the Children’s […]
Privacy
Declassified Intelligence Community Letters Highlight Importance of Monitoring Outbound Data Flows
On January 25, 2024, Senator Ron Wyden (D-OR) released documents that confirm U.S. intelligence agencies are purchasing location and other sensitive personal information from data brokers without the consent of the data subjects. The FTC has recently gone after data brokers who collect and sell the sensitive location data of consumers without their express consent, […]
Washington AG’s Office Updates FAQs for My Health My Data Act
The Office of the Attorney General of Washington (the “AG”) has updated the Frequently Asked Questions (the “FAQs”) for the Washington My Health My Data Act (the “Act” or “Washington Act”) to provide guidance on the AG’s position concerning whether businesses must publish standalone consumer health data privacy policies under the Act. The update, first […]
Making (Brain) Waves: New Colorado Legislation Poised to Protect Privacy of Neural Data
Neurotechnology, like wearable EEG headbands and invasive brain implants, collects information from electrical nerve impulses and brain waves derived from your brain, spinal cord, or nervous system. This information, or neurodata, is valuable, unique, potentially individually identifiable, and has the potential to provide access to a person’s memories, biases, and intentions. (For more information, see […]
Colorado AG Recognizes Global Privacy Control as the First Valid Universal Opt-Out Mechanism
On December 29, 2023, the Colorado Attorney General (the “AG”) announced that the Global Privacy Control (“GPC”) will become the first universal opt-out mechanism (“UOOM”) the AG considers valid under the Colorado Privacy Act (the “CPA”). Effective July 1, 2024, controllers subject to the CPA will need to treat Colorado consumers’ privacy preferences submitted through […]