On January 27, 2023, the California Attorney General (California AG) Rob Bonta announced an “investigative sweep” of mobile apps in retail, travel, and food service industries for failing to provide a mechanism for—or honor—consumers’ opt-out
Continue Reading California AG Targets Mobile Apps for Failing to Honor or Provide Mechanism for Opt-Out RequestsCybersecurity
2023 U.S. Cybersecurity Predictions
Given that cyberattacks continue to be sophisticated and severe, and cybersecurity continues to be a top concern for regulators, consumers, business partners, and investors, companies should be proactive and devote adequate resources to their security…
Continue Reading 2023 U.S. Cybersecurity PredictionsCouncil of the EU Proposes Amendments to Draft AI Act
On December 6, 2022, the European Union’s (EU) Regulation on Artificial Intelligence (AI Act) progressed one step towards becoming law when the Council of the EU (the Council) adopted their amendments to the draft act…
Continue Reading Council of the EU Proposes Amendments to Draft AI ActCalifornia Privacy Protection Agency Releases Modified Proposed CPRA Regulations: An In-Depth Analysis
Written Comments Due by November 21
On November 3, 2022, the California Privacy Protection Agency (CPPA, or the Agency) issued modified proposed regulations implementing the California Privacy Rights Act (CPRA),[1] which revise the…
Continue Reading California Privacy Protection Agency Releases Modified Proposed CPRA Regulations: An In-Depth AnalysisPresident Biden Signs Executive Order to Implement the New EU-U.S. Data Privacy Framework
On October 7, 2022, President Biden signed an Executive Order (Order) on Enhancing Safeguards for United States Signals Intelligence Activities. This marks the latest step towards the new EU-U.S. Data Privacy Framework (Framework), a replacement…
Continue Reading President Biden Signs Executive Order to Implement the New EU-U.S. Data Privacy Framework
European Commission Proposes New EU Cybersecurity Rules for Software and Hardware Products
On September 15, 2022, the European Commission (EC) published a Proposal for a Cyber Resilience Act (CRA Proposal) that sets out new rules in the European Union (EU) for software and hardware products and their remote data processing solutions. The CRA Proposal introduces mandatory cybersecurity-related requirements and reporting obligations, including about product vulnerabilities, for manufacturers, importers, and distributors of such products. The potential sanctions include product withdrawal from the EU market and fines of up to EUR 15 million or 2.5 percent of total worldwide annual turnover for the preceding year.
Continue Reading European Commission Proposes New EU Cybersecurity Rules for Software and Hardware Products