Rebecca Weitzel Garcia

Subscribe to Rebecca Weitzel Garcia's Posts

On February 25, 2026, the Federal Trade Commission (FTC) issued an enforcement statement to promote the use of age verification technologies on the heels of its January 28 workshop on the topic. The workshop explored issues related to age verification and how these innovative tools could be used in furtherance of child safety without creating liability under the Children’s Online Privacy Protection Act (COPPA) and its implementing rule (the COPPA Rule).Continue Reading FTC Promotes Age Verification in Children’s Privacy Enforcement Statement

As we ring in the new year, we want to make you aware of key issues that we expect lawmakers and regulators to focus on this year. Below are the top U.S. data, privacy, and cybersecurity issues to watch out for in 2026:Continue Reading 2026 Year in Preview: U.S. Data, Privacy, and Cybersecurity Prediction

In 2025, lawmakers and enforcement agencies around the globe have kept one issue firmly in the spotlight: the privacy and safety of minors online. This heightened focus shows no sign of abating, with early indications that companies should expect to see more legislative and regulatory initiatives in the year ahead.

In this post, we identify some of the key developments over the last 12 months and outline our predictions about what the next year may bring.Continue Reading 2026 Year in Preview: Global Minors’ Privacy and Online Safety Predictions

On November 6, 2025, the CaliforniaConnecticut, and New York Attorneys General (collectively, the “Attorneys General”) announced a settlement with Illuminate Education, Inc. to resolve allegations that the company violated state privacy laws following a student data breach. The settlement marks the first enforcement actions under the California K-12 Pupil Online Personal Information Protection Act (KOPIPA, formerly known as SOPIPA) and Connecticut’s Student Data Privacy Law, and also constitutes the second major enforcement action under New York Education Law § 2-d.Continue Reading EdTech Provider Agrees to $5.1 Million Settlement with Three State Attorneys General over Student Data Breach

We are less than a month into the new Trump administration and are seeing an unprecedented wave of activity and major changes at federal agencies. These changes promise to bring significant disruption to the staff and negatively impact the typical activities of numerous agencies, including the nation’s consumer protection watchdog, the Federal Trade Commission (FTC). As discussed below, we expect the impact on the FTC to be significant given the rapid and aggressive moves by the new administration. And we expect state Attorneys General (AGs) to step in to fill the gap.Continue Reading Consumer Protection Update: With Disruption at the Federal Level, State Attorneys General Are Likely to Loom Large

Companies that may have child users, or whose competitors have child users, take note. On January 16, 2025, the Federal Trade Commission (FTC) announced the final amendments to the Children’s Online Privacy Protection Rule (COPPA Rule). At a high level, the COPPA Rule requires websites or online services to provide notice and obtain verifiable parental consent before collecting information from children under the age of 13. The Rule’s amendments slightly expand the Rule’s scope, change the previous notice and consent provisions, and implement new data security requirements. Violations of the Rule would be subject to $53,088 in civil penalties per violation.Continue Reading New Federal Children’s Privacy Requirements Are Not Child’s Play: FTC Amends COPPA Rule, Imposing New Obligations on Child-Directed Services

With Inauguration Day just around the corner, we are likely to see a host of new legislative and enforcement initiatives at the federal level. The Federal Trade Commission (FTC) will shift certain priorities under incoming Chairman Andrew Ferguson’s direction. And at the state level, legislatures and state attorneys general (state AGs) will continue to be active, enacting and enforcing a slate of new laws. As we ring in the new year, companies should be mindful of the new laws, regulations, and enforcement priorities that will likely impact them. Below are the top 10 U.S. privacy, cybersecurity, and consumer protection developments to watch out for in 2025:Continue Reading New Year, New Developments: 2025 U.S. Privacy, Cybersecurity, and Consumer Protection Predictions