Agency Search 
Site Search Privacy-Related Content
Federal Judge Grants Preliminary Injunction for California Age-Appropriate Design Code |
On September 18, 2023, federal district court judge Beth Freeman granted a preliminary injunction to block the California Age-Appropriate Design Code Act (CAADCA), on the grounds that it violates the First Amendment. Specifically, the court found unconstitutional the AADC’s provisions on (1) mandatory Data Protection Impact Assessments (DPIA), (2) age estimation, (3) high default privacy […]
FTC Releases New “Staff Perspective” Paper on Harms to Kids and Teens from Stealth Advertising in Digital Media
On September 14, 2023, the Federal Trade Commission (FTC) issued a new staff paper that recommends that advertisers, social media influencers, and others who market or promote products online to children should avoid blurring advertising by clearly separating advertising and entertainment, educational, and other content to help limit potential negative effects to children. The paper […]
State Legislation to Watch: California’s SB 362 — the DELETE Act |
California lawmakers are looking to advance new legislation that, if enacted, would impose new limitations on data brokers that collect and sell personal information about consumers from the internet, public records, and other sources. Starting in August 2026, SB 362, or the DELETE Act, would direct the California Privacy Protection Agency to create a universal […]
FTC and HHS OCR Send Warning Letters to Hospital Systems and Telehealth Providers about Use of Online Tracking Technologies |
On July 20, 2023, the Department of Health and Human Services’ Office for Civil Rights (OCR) and the Federal Trade Commission (FTC) sent a letter to approximately 130 health systems and telehealth providers emphasizing the privacy and security risks associated with the use of online tracking technologies (i.e. Meta/Facebook pixel and Google Analytics) for the […]
California AG Issues Inquiries to Large Employers Regarding CCPA Compliance with Employee and Job Applicant Data Provisions |
On July 14, 2023, California Attorney General Rob Bonta announced an investigative sweep with written inquiry letters sent to large California employers requesting information regarding the companies’ compliance with the employee data provisions of the California Consumer Privacy Act (CCPA). AG Bonta’s letters specifically address businesses’ compliance with the CCPA’s legal protections governing the handling […]
July 2023 State Privacy Law Roundup: Indiana, Tennessee, Montana, Florida, Texas, Oregon, and Delaware Legislatures Pass Comprehensive Data Privacy Laws |
As is expected without a federal pre-emptive standard, the state data privacy law landscape continues to become more complex. In May and June 2023, seven new states enacted comprehensive consumer data privacy laws, bringing the new total count to thirteen states as of the date of publication. On May 1, 2023, Indiana Governor Eric Holcomb […]
California Court Issues Order to Delay Enforcement of CPRA Regulations Until March 2024 |
On June 29, the California Superior Court in Sacramento issued a court order providing for a postponement of the enforcement of final California Privacy Rights Act (CPRA) regulations for 12 months until after the regulations were finalized (i.e. March 29, 2024). This order affects 12 of the 15 areas of the CPRA for which rulemaking […]
FTC Proposes Changes to Health Breach Notification Rule to Strengthen Health App Applicability |
On May 18, 2023, the Federal Trade Commission (FTC) announced its intention to issue proposed amendments to the federal Health Breach Notification Rule (HBNR), with the goal of trying to improve patient privacy protections for Americans utilizing digital health apps. The proposed changes to the rule come as business practices and technological developments increase both […]
Arkansas Governor Signs Social Media Age Verification Bill
On April 12, Arkansas Gov. Sarah Huckabee Sanders (R) signed SB 396, the Social Media Safety Act, which advanced out of the state legislature on April 6, 2023. SB 396 will take effect on September 1, 2023. SB 396 requires social media companies, through independent, thirty party contractors, to verify the ages of new users […]
California Privacy Regulations Finalized; Industry Lawsuit Filed to Delay Enforcement |
On March 30, 2023, the California Privacy Protection Agency (CPPA) announced that California’s Office of Administrative Law (“OAL”) approved the CPPA’s substantive rulemaking package to implement the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (CPRA). The finalized rules contain no substantive changes to the rulemaking package […]
State Legislation to Watch: Washington State Health Data Privacy Bill |
In early March, lawmakers in Washington state’s House passed the My Health My Data Act (HB 1155) which seeks to implement sweeping changes to how companies treat the consumer health data of Washington residents.” The act would prohibit websites and apps from collecting consumer health data without user consent and prevent the sale of such […]
Iowa Legislature Passes Sixth State Privacy Law
On March 15, 2023 the Iowa legislature unanimously advanced the country’s sixth state comprehensive data privacy law, SF 262. Governor Reynolds signed the legislation on March 28, 2023. SF 262 will go into effect on January 1, 2025. Covered entities are subject to SF 262 if they control or process personal data on 100,000 Iowan consumers […]