Since the invalidation of the Privacy Shield framework in 2020 in the “Schrems II” case, the EU and the U.S. have been working to set up a new framework for data flows from

Continue Reading EU Regulators Adopt Opinion on Draft EU-U.S. Data Privacy Framework

On February 1, 2023, the European Commission (EC) published Guidance on the requirement to publish user numbers under the Digital Services Act (DSA).1 The Guidance contains important information for providers of online platforms and

Continue Reading DSA: European Commission Publishes Guidance on Requirement to Publish User Numbers Ahead of February 17, 2023, Deadline

On February 1, 2023, the Federal Trade Commission (FTC) announced a complaint against and proposed settlement agreement (the “proposed order”) with GoodRx, a digital health company, over its data sharing practices that allegedly

Continue Reading FTC Announces First Enforcement Action Under the Health Breach Notification Rule Against GoodRx

On January 27, 2023, the Colorado Attorney General’s (Colorado AG) office released the third version of its proposed draft rules (third draft) for the Colorado Privacy Act (ColoPA) based on public comments it received on

Continue Reading Colorado Attorney General’s Office Releases Third Version of Draft Rules for Colorado Privacy Act: Key Takeaways