Last week, the California Privacy Protection Agency (CPPA) announced it will conduct a public investigative sweep of data broker registration compliance under the California Delete Act.

Pursuant to the Act, a “data broker” is “a business that knowingly collects and sells to third parties the personal information of a [California] consumer with whom the business

The Federal Trade Commission (FTC) issued a Final Rule on October 27, 2021, amending the Standards for Safeguarding Customer Information, known as “the Safeguards Rule,” under the Gramm-Leach-Bliley Act, which is applicable to a broad range of non-banking financial institutions. The FTC approved the Amendment by a vote of 3-2. The FTC’s press release states

Washington legislators recently introduced the Washington Privacy Act (WPA). This legislation is a consumer-focused privacy law similar to the California Consumer Privacy Act (CCPA) but it also has some European Union General Data Protection Regulation (GDPR)-like concepts. The WPA protects personal data in much the same way as the CCPA, but with some significant differences.

The New York “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act), N.Y. Gen Bus. Law§ 899-bb, requires businesses that collect private information on New York residents to implement reasonable cybersecurity safeguards to protect that information. While this is a new law in the State of New York, it is simply joining other states,

While we’ve discussed the California Consumer Privacy Act (CCPA) at length, Nevada was busy amending its internet privacy law and in the process beat California’s deadline for the effective date by three months. Nevada’s SB 220 is effective as of October 1, 2019.

This law prevents covered operators from selling individual’s personal information and allows

Many readers questioned me about the Wall Street Journal article this week entitled, “Facebook to Banks: Give Us Your Data, We’ll Give you Our Users.”

The questions and comments ranged from “Can they really do this?” to “This is outrageous!”

Without getting into a legal analysis, there are laws that banks have to follow when

We have been waiting for—and the Federal Communications Commission (FCC) delivered—its long anticipated broadband data privacy and security rules on March 10, 2015. Through the proposed rules, the FCC has declared its enforcement authority over the data privacy and security practices of Internet service providers (ISPs), much to the chagrin of the industry, which argues

Did you know that a Victoria’s Secret catalog is one of the top reasons that Congress included privacy protections in the Gramm-Leach Bliley Act (GLB Act)? The GLB Act protects consumers’ financial information and requires financial institutions to explain their information-sharing practices to consumers. These privacy protections were introduced by Representative Ed Markey of Massachusetts