On February 9, 2024, the California Third District Court of Appeals in Sacramento overturned a lower court order that postponed enforcement of the California Privacy Protection Agency’s (CPPA) newest rules. The decision restores the authority of the CPPA and California Attorney General to enforce the latest regulations under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA) (“updated CCPA regulations”).Continue Reading California Appeals Court Moves Up Enforcement Date for Latest CCPA Regulations

In 2024, businesses will continue to face an evolving landscape of cyber threats, along with an increasingly complex regulatory environment. With heightened scrutiny from regulators, consumers, and investors, the need to bolster security measures and improve incident response capabilities has become even more important. Here’s our top 10 list of what to watch for from cybersecurity regulators in 2024:Continue Reading Cybersecurity: What to Watch for in 2024

2023 was one of the busiest years for privacy yet—with more to come in 2024. Five new U.S. state privacy laws (in Texas, Florida, Oregon, Montana, and Washington) will come into effect in 2024. And federal and state regulators are sure to focus on hot areas like artificial intelligence, children’s privacy, and the collection, use, and sharing of consumer health data, among others. Given this backdrop, here are our top 10 predictions for privacy regulation in 2024:Continue Reading U.S. Privacy Predictions: What to Watch for in 2024

On October 27, 2023, the Federal Trade Commission (FTC) announced it is amending the Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) to include a requirement for non-bank financial institutions to report certain data breaches and other security events to the agency.Continue Reading FTC Amends Safeguard Rule with Requirement for Non-Banking Financial Institutions to Report Data Security Breaches

On October 24, 2023, a bipartisan coalition of 33 states’ attorneys general filed suit against Meta Platforms, Inc., alleging in a lengthy complaint that Meta’s social media platform features are unsafe and designed to induce young users’ compulsive and extended use.[1] According to the complaint, which is currently heavily redacted, Meta engaged in a four-part “scheme” to exploit young users for profit. The alleged scheme involved the following:Continue Reading Coalition of States Sues Meta for Alleged Harms to Children and Teens, and Alleged COPPA Violations

On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) announced its long-awaited proposed rule regulating “Personal Financial Data Rights” (the proposed rule). The proposed rule implements Section 1033 of the Dodd-Frank Act, which provides consumers the right to access and port their financial information between banks and other financial entities. CFPB Director Rohit Chopra stated that the proposal would accelerate the shift towards open banking and jumpstart competition in the U.S. financial service sector by giving consumers “the power to walk away from bad service” and switch providers.Continue Reading CFPB Announces Proposed Rules to Accelerate Open Banking