In the fifth in our series of California developments, we turn to data broker obligations. There are two of note. First, the California privacy agency is moving forward Delete Act regulations it proposed earlier this year. (Its board voted to
Eye On Privacy
Timely Updates and Analysis on Privacy and Cybersecurity Issues
Latest from Eye On Privacy
California’s Privacy Regulator Had a Busy November, Cybersecurity Audits and Insurance Edition: What Does It Mean for Businesses?
In the fourth in our series of new CCPA regulations from California, we look at both cybersecurity audit obligations as well as the impact of the CCPA on the insurance industry.…
California’s Privacy Regulator Had a Busy November, Risk Assessment Edition: What Does It Mean for Businesses?
In the third in our series of new CCPA regulations from California, we look at obligations for conducting risk assessments under CCPA. CCPA had called on the California agency to promulgate rules to address such assessments, and when they would…
California’s Privacy Regulator Had a Busy November, Automated Decisionmaking Edition: What Does It Mean for Businesses?
In the second in our series of new CCPA regulations from California, we look at proposed rules for use of automated decisionmaking technology. As a reminder, CCPA discusses these technologies in relation to profiling, namely “any form of automated…
California’s Privacy Regulator Had a Busy November: What Does It Mean for Businesses?
The California Privacy Protection Agency released proposed CCPA rules for a variety of topics in November, as well as announcing an investigative sweep for compliance with the Delete Act. Topics include the following, which we cover in this week’s California-focused…
Click! FTC Updates Its Negative Option Rule
The FTC updated its Negative Option Rule last month and gave it a new name to emphasize the expanded scope of programs to which it applies. It will now be the “Rule Concerning Recurring Subscriptions and Other Negative Option Programs.”…
New York AG Settles EnforcemENT Action with ENT
The New York Attorney General’s Office recently settled with Albany ENT & Allergy Services over claims that the healthcare provider failed to protect over 200,000 consumers’ private health information. The claims stem from two ransomware attacks in 2023. The AG…
UK and US Issue Joint Statement on Children’s Privacy
The United Kingdom and the United States released a joint statement last month outlining plans focused on children’s online privacy. As indicated in the statement, they intend to engage national institutions and other organizations to support this work. They will…
How Legitimate Is Your Business Interest? The EDPB Has Some Thoughts
The European Data Protection Board issued draft guidelines last month that outline when processing can be considered done for “legitimate interest.” The public has until November 20 to provide comments to the draft.…
#StatusUpdate on Social Media, Apps, and Children’s Privacy
Regulations impacting children’s use of social media continues to be a space in motion the past few months. There have been developments at both the state level, as well as with the FTC. And there is no sign of slowing…