Across Europe and other countries, there are numerous data protection authorities with differing goals and enforcement powers. Until 2020, when the California Privacy Rights Act (which amended the California Consumer Privacy Act) (collectively the CCPA) went into effect, did the U.S. government or any states have any similar data protection authorities like Europe; then came
consumer privacy
Privacy Tip #399 – Nebraska AG Sues TikTok for Violations of Consumer Protection Laws
To add to TikTok’s legal woes in the U.S., Nebraska Attorney General Mike Hilgers (AG) filed suit against TikTok on May 22, 2024, alleging that TikTok violated Nebraska’s consumer protection laws and engaged in deceptive trade practices by “designing and operating a platform that is addictive and harmful to teens and children.” In addition, the…
Congress Introduces Promising Bipartisan Privacy Bill
U.S. Senator Maria Cantwell (D-WA) and U.S. Representative Cathy McMorris Rodgers (R-WA) have made a breakthrough by agreeing on a bipartisan data privacy legislation proposal. The legislation aims to address concerns related to consumer data collection by technology companies and empower individuals to have control over their personal information.
The proposed legislation aims to restrict…
Universal Opt-Out Mechanism for Consumers in Colorado
Similar to the well-known California Consumer Privacy Act, on July 1, 2024, the Colorado Privacy Act (CPA) goes into effect and will provide Colorado residents with express rights over their data collected by businesses. The CPA requires businesses to provide consumers with an option to opt-out of the sale of their personal information or sharing…
Privacy Tip #385 – 23andMe Sends Letter to Data Breach Victims that Suing Over Breach is Futile
We previously alerted readers to the fact that the most recent data compromise of 23andMe exposed data related to Ashkenazi Jews and individuals of Chinese descent. It is reported by Ars Technica, citing TechCrunch, that “nearly half of 23andMe’s 14 million users’ [information] was hacked,” estimated at 6.9 million users.
23andMe is notifying affected users.
FTC Prohibits X-Mode Social/Outlogic from Selling Sensitive Location Data
On January 9, 2024, the Federal Trade Commission (FTC) announced its settlement with X-Mode Social and its successor Outlogic that will prohibit them “from sharing or selling any sensitive location data that could be used to track people’s visits to sensitive locations such as medical and reproductive health clinics, places of religious worship and domestic…
Landmark Decision by United Arab Emirates DIFC in CCPA Data Protection Adequacy Decision
Earlier this month, the Commissioner of Data Protection of the Dubai International Financial Centre (DIFC), a financial free-zone in the United Arab Emirates (UAE), issued the first adequacy decision regarding the California Consumer Privacy Act (CCPA), which recognizes the CCPA as an equivalent to the DIFC Data Protection Law (DIFC Law No. 5 of 2020, as amended…
Investigative Sweep of Employers’ CCPA Compliance by the California Attorney General
The California Attorney General recently announced an initiative to investigate employers’ non-compliance with the California Consumer Privacy Act/California Privacy Rights Act (collectively the CCPA).
At the beginning of this year, the CCPA’s disclosure requirements and consumer rights provisions became applicable to job applicants, employees (and their beneficiaries), and independent contractors. Now, the California AG’s office…
California’s “Do Not Track” Mandate Does Not Please Businesses
Since the California Privacy Protection Agency (CPPA) released its draft regulations pursuant to the California Privacy Rights Act (CPRA), the biggest gripe from businesses has been the website tracking opt-out requirements. Recognition of opt-out requests from consumers could potentially cost companies some significant dollars.
The CPRA amends the California Consumer Privacy Act of 2020 and…
FTC Releases Guidance on Negative Option Marketing
The Federal Trade Commission released a new enforcement policy statement on October 28, 2021, targeting the practice known as “Negative Option Marketing.” Negative Option Marketing is the practice of taking consumers’ silence as tacit consent in various circumstances, including automatic subscription renewals and free-trial marketing. In the statement, the FTC outlined four general requirements for…