Regulators of data privacy laws have expressed a desire in recent months to intensify enforcement around opt-out preference signals, also known as universal opt-out mechanisms (the “Opt-Out Signals”). Opt-Out Signals allow consumers to automatically opt-out of the sale and sharing of personal information for targeted advertising across all websites they may visit through an internet... Continue Reading| Password Protected
After years of waiting, the U.S. Department of Defense (DoD) posted to the Federal Register for public inspection on Sept. 9, 2025, a final| Password Protected
In 2020, California was the first mover in state comprehensive privacy law legislation, a distinction it held for approximately three years before other| Password Protected
Amazon’s recent announcement to invest at least $20 billion in cloud computing and AI data center campuses across Pennsylvania — a record‑breaking private| Password Protected
On May 20, 2025, the Senate cleared procedural obstacles to consider the GENIUS Act on the Senate floor. Originally introduced on Feb. 4, by Senator Bill| Password Protected
On June 3, 2025, the California Senate unanimously voted to amend the California Invasion of Privacy Act (“CIPA”) to exclude cookies and other commonly| Password Protected
In a recent decision, the U.S. District Court for the Northern District of California has construed the private right of action provision under the| Password Protected
On March 7, 2025, the California Privacy Protection Agency (“CPPA”), which is tasked with enforcing the California Consumer Privacy Act (“CCPA”) entered a Stipulated Final Order (“Order”) with American Honda Motor Co., Inc. (“Honda”), fining Honda $632,500. This Order is instructive as to CPPA’s views on various topics covered by the CCPA. Among other things,... Continue Reading| Password Protected
On January 10, 2025, in the waning days of the Biden Administration, the Consumer Financial Protection Bureau issued a Request for Information Regarding the Collection, Use, and Monetization of Consumer Payment and Other Personal Financial Data. The Request signals the Bureau’s strong concern with the ways financial institutions, and particularly new financial tools like widespread... Continue Reading| Password Protected
The Federal Communications Commission (FCC) announced on Jan. 24, 2025, that its highly anticipated one-to-one consent rule was postponed by at least one year. This is big news for companies that were gearing up for the implementation of the rule, which would have significantly altered the requirements for obtaining consent to place calls or text... Continue Reading| Password Protected
In response to increased cybersecurity threats and significant regulatory enforcement actions, on Dec. 27, 2024, the Department of Health and Human| Password Protected
On Oct. 22, 2024, the Securities and Exchange Commission (SEC) announced settled charges against four current and former public companies, Unisys, Avaya| Password Protected
A study by the International Association of Privacy Professionals has found that 28,000 data protection officers (DPO) will be needed in the next two| Password Protected
On Feb. 6, 2024, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced a $4.75 million settlement with New York non-profit health system Montefiore Medical Center over alleged malicious insider conduct that caused potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This settlement follows two other recent investigations that led to OCR’s first-ever settlements stemming from ransomware and phishing...| Password Protected