On October 1, 2024, the Maryland Age-Appropriate Design Code (Maryland AADC) became effective. The Maryland AADC introduces onerous new compliance requirements on companies that are reasonably likely to be accessed by minors under the age of 18.Continue Reading Maryland Age-Appropriate Design Code Effective October 1, 2024
On September 13, 2024, the Colorado Attorney General’s office (the Colorado Department of Law) proposed draft amendments (draft regulations) to its Colorado Privacy Act (CPA) regulations, which took effect
Continue Reading Colorado Department of Law Proposes Amendments to the Colorado Privacy Act Regulations Regarding Biometric and Minors’ Data
On September 10, 2024, the European Commission (EC) offices in charge of the enforcement of the Digital Markets Act (DMA) and the European Data Protection Board (EDPB)—the European body composed of all EU data protection regulators that oversees the consistent application of the General Data Protection Regulation (GDPR)—announced that they intend to provide guidance on the interplay between the DMA and GDPR.Continue Reading EU Agencies to Develop Guidance on the Interplay Between the DMA and GDPR
As cyberattacks become more sophisticated, cybersecurity remains a top concern for regulators, consumers, business partners, and investors. Weak security can cause substantial harm to a company and lead to litigation, reputational damage, and hefty fines. Against that background, the EU is introducing stricter regulations that require robust cyber resilience, mandate board oversight on cybersecurity strategy, and hold board members personally liable for weak security practices.Continue Reading Cybersecurity: A Critical Element in Your 2025 Business Forecast
The Federal Communications Commission (FCC) recently issued a unanimous Notice of Proposed Rulemaking and Notice of Inquiry targeting the use of AI-related technologies for communicating with consumers.1 In the proposed rule, the FCC seeks to impose a broad definition for AI technologies subject to the requirements of the Telephone Consumer Protection Act (TCPA). Companies using technology falling within the FCC’s proposed definition would be required to make certain disclosures under the TCPA to notify consumers that they are communicating with AI-technology. This proposal is the latest move by the FCC to tackle its largest source of consumer complaints: unwanted and illegal robocalls and robotexts.2 The proposed new rule may require companies to modify their current approach in engaging with consumers through AI-generated calls and/or texts, including potentially altering their current practices in collecting consent where necessary.Continue Reading FCC Issues Notice of Proposed Rulemaking Regarding the Use of AI-Generated Technologies for Consumer Communications
On August 14, 2024, the Federal Trade Commission (FTC) issued a final rule that prohibits publishing or trading in fake or misleading consumer reviews and testimonials, or engaging in other related deceptive promotional tactics. Notably, under the FTC’s new rule, the commission will be authorized to seek civil penalties against violators.Continue Reading FTC Issues Final Rule Banning Fake and Misleading Consumer Reviews and Testimonials