Privacy

Subscribe to Privacy via RSS

On October 27, 2023, the Federal Trade Commission (FTC) announced it is amending the Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) to include a requirement for non-bank financial institutions to report certain data breaches and other security events to the agency.Continue Reading FTC Amends Safeguard Rule with Requirement for Non-Banking Financial Institutions to Report Data Security Breaches

Reflective of the Government’s increasing focus on cybersecurity, on October 3, 2023, the Federal Acquisition Regulation Council (FAR Council) released two new proposed rules that will have major impacts on federal contractors. These rules implement the May 2021 Executive Order on Improving the Nation’s Cybersecurity.1 One rule applies to any federal contractor that uses information and communications technology (ICT) systems in the performance of a federal contract, sets forth cybersecurity incident reporting requirements, and imposes a software bill of materials (SBOM) requirement. The other rule, which applies only to those federal contractors that provide or maintain a Federal Information System (FIS), is intended to standardize cybersecurity requirements for unclassified FISs.Continue Reading New Proposed Rules Published for Cyber Incident Reporting and Cybersecurity Requirements Will Have Major Impacts on Federal Contractors

On October 24, 2023, a bipartisan coalition of 33 states’ attorneys general filed suit against Meta Platforms, Inc., alleging in a lengthy complaint that Meta’s social media platform features are unsafe and designed to induce young users’ compulsive and extended use.[1] According to the complaint, which is currently heavily redacted, Meta engaged in a four-part “scheme” to exploit young users for profit. The alleged scheme involved the following:Continue Reading Coalition of States Sues Meta for Alleged Harms to Children and Teens, and Alleged COPPA Violations

California residents may soon be able to click “backspace” on data brokers doing business in the state. On October 10, 2023, California Governor Gavin Newsom signed Senate Bill 362, colloquially known as the Delete Act, into law. The statute amends the state’s existing data broker registration law and builds on the state’s primary privacy law, the California Consumer Privacy Act (CCPA), by adding to residents’ ability to exercise their personal information deletion rights. Most notably, the law establishes a one-stop mechanism where state residents will be able to request—in one verifiable request—that all data brokers delete their personal information.Continue Reading California Enacts One-Stop Mechanism for Data Broker Deletion Requests

Last week, the Federal Trade Commission (FTC) announced a proposed rule that would regulate a broad range of “junk fees” in consumer goods and services, from resort fees associated with travel and lodging, to delivery fees associated with meal and grocery delivery, to convenience fees associated with financial services (the proposed rule). The proposed rule would generally prohibit the omission of mandatory fees from advertised prices. If finalized, violations of the proposed rule could result in civil penalties of up to $50,120 per violation. The public has 60 days to comment after the proposal is published in the Federal Register.Continue Reading FTC Seeks Comments on Proposed Rule Requiring Disclosure of Fees in Consumer Goods and Services

The Online Safety Bill (OSB or Bill) passed its final reading in the UK’s Parliament in September 2023. The Bill will become law in the coming weeks, ushering in a new era for the regulation of digital services in the UK. Online platforms and search services that fall within the scope of the legislation will be subject to proactive content risk assessment and mitigation duties oriented at protecting users, regardless of where those services are established. The Bill has attracted considerable media attention due to its anticipated impact on the operation of online services in the UK, as well as the potential for it to interfere with freedom of speech.Continue Reading Flagship Online Safety Bill Moves Closer to Enactment in the UK: Who Will Be in Scope and What Will It Require?