In this initial episode of Ballard Spahr’s new privacy and data security webcast series, Phil Yannella and Greg Szewczyk – co-chairs of the Privacy & Data Security Group – discuss regulatory scrutiny concerning the use of “dark patterns” to steer
CyberAdviser
Insights from the frontlines of privacy and data security law
Latest from CyberAdviser
Connecticut Poised To Become Fifth State to Enact a Privacy Law
Connecticut is the next in a growing list of states to pass comprehensive data privacy legislation. Last Friday, the Connecticut legislature passed, by large margins, Senate Bill 6 — which we are referring to as the Connecticut Data Privacy Act…
Colorado’s New Auto-Renewal Law
Businesses with automatic renewal contracts—including subscriptions—should take note of Colorado’s new law that went into effect earlier this year on January 1, 2022. While companies subject to other state’s auto-renewal laws and the Restore Online Shoppers’ Confidence Act (“ROSCA”) will…
Financial Institutions Face Increasingly Stringent Federal Breach Reporting Requirements
The last few months have seen a flurry of new federal cybersecurity incident reporting requirements and proposals impacting private entities in the financial sector. As the number and frequency of cyber attacks continue to grow, regulators have attempted to enhance…
FTC Chair Announces New Privacy Approach
In a series of recent statements and releases, Lina Khan, the Chair of the FTC, made clear the Commission’s intention to revamp its oversight of consumer data privacy and establish more substantive limits on commercial data collection and processing activities.…
Are Inferences Trade Secrets Under the CCPA?
The California AG recently released its first Opinion interpreting the California Consumer Privacy Act (CCPA), highlighting a brewing conflict over the inferences that businesses generate about their consumers. This Opinion addresses the question of whether Right to Know requests extend…
Are Inferences Trade Secrets Under the CCPA?
The California AG recently released its first Opinion interpreting the California Consumer Privacy Act (CCPA), highlighting a brewing conflict over the inferences that businesses generate about their consumers. This Opinion addresses the question of whether Right to Know requests extend…
CO AG Announces Pre-Rulemaking Considerations for CPA

At the IAPP Global Privacy Summit, Colorado Attorney General Phil Weiser announced the principles that would guide the CPA rulemaking process, after which his office published a white paper entitled Pre-Rulemaking Considerations for the CPA. In the white paper,…
Webinar — Ballard Partner Phil Yannella to Join Discussion of New Proposed SEC Cyber Rules for Investment Advisors
Since the beginning of the year, the SEC has issued several sets of proposed rules governing cybersecurity. In an upcoming webinar, Ballard Privacy & Data Security partner Phil Yannella will join a panel discussion hosted by SEI Investments concerning…
Cyber Incident Reporting for Critical Infrastructure Act Becomes Law

On March 15, 2022, President Joe Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which increased funding for the federal Cybersecurity and Critical Infrastructure Agency (CISA) and outlined new rules and requirements for companies and…