Edward Holman

Subscribe to Edward Holman's Posts

On January 27, 2023, the California Attorney General (California AG) Rob Bonta announced an “investigative sweep” of mobile apps in retail, travel, and food service industries for failing to provide a mechanism for—or honor—consumers’ opt-out

Continue Reading California AG Targets Mobile Apps for Failing to Honor or Provide Mechanism for Opt-Out Requests

On December 21, 2022, the Colorado Attorney General’s office published an updated version of proposed draft rules (“modified draft rules”) to the Colorado Privacy Act (ColoPA), which revise the initial draft rules issued in October

Continue Reading Colorado Attorney General’s Office Releases Modified Draft Rules for Colorado Privacy Act: Key Takeaways

On November 15, 2022, the Federal Trade Commission (FTC) announced it is extending the deadline for covered financial institutions to comply with the updated Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) by six months.

The

Continue Reading FTC Extends Deadline to Comply with the Updated Safeguards Rule Until June 9, 2023

Written Comments Due by November 21

On November 3, 2022, the California Privacy Protection Agency (CPPA, or the Agency) issued modified proposed regulations implementing the California Privacy Rights Act (CPRA),[1] which revise the

Continue Reading California Privacy Protection Agency Releases Modified Proposed CPRA Regulations: An In-Depth Analysis

On October 10, 2022, the Colorado Secretary of State published draft rules for the Colorado Privacy Act (ColoPA) in the Colorado Register, thus initiating a public comment period that will run through February 1, 2023.

Continue Reading Colorado Attorney General Issues Draft Rules for the Colorado Privacy Act

On August 30, 2022, the California legislature passed the California Age-Appropriate Design Code Act (the Act). Modeled after the UK’s Age-Appropriate Design Code, California’s act drastically changes the landscape of online privacy and content availability for minors in California. The Act goes beyond the current federal protections of the Children’s Online Privacy Protection Act (COPPA) and could impose onerous new requirements on companies that were and were not previously covered by COPPA. These requirements include, among other things, estimating the ages of minors using the company’s online services; conducting detailed Data Protection Impact Assessments (DPIAs) for new and existing products; significantly restricting the collection, use, and sharing of minors’ personal information; and configuring default privacy settings to a “high level of privacy.” If the bill is signed into law by Governor Newsom, the Act would come into effect July 1, 2024.
Continue Reading California Legislature Passes Far-Reaching Online Privacy and Content Regulation Bill for Minors