The Colorado Privacy Act (CPA), effective July 1, 2023, provides expansive protections to the personal data of Colorado residents acting in an individual or household context (a “consumer”). Similar to the California Consumer Privacy Act (CCPA), the CPA requires providing notice of an entity’s (“controller”) data collection activities, provides for consumer rights including the right

It usually happens after a reported data breach. The organization experiencing the breach sends notifications to affected individuals, as well as federal and or state agencies where appropriate and perhaps other parties. Not long thereafter, the organization receives an inquiry from one or more government agencies. These inquiries typically seek more information about the breach

On December 22, 2022, the Nevada Gaming Commission (NGC) adopted regulations creating new cybersecurity requirements for certain gaming operators. This action joins agencies in other jurisdictions moving quickly to protect consumers and their personal information in the gaming industry. The NGC adopted the October 17, 2022 version of the regulations, which become effective January

On January 1, 2023, Virginia’s Consumer Data Protection Act (CPDA) takes effect. Key features of the CPDA include expansive consumer privacy rights (right to access, right of rectification, right to delete, right to opt-out, right of portability, right against automatic decision making), a broad definition of “personal information”, the inclusion of a “sensitive data” category

On October 21 and 22, the California Privacy Protection Agency (CPPA) Board will meet to discuss possible action regarding the proposed regulations for the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

Previously, in June 2022, the Board met to discuss revising the regulations previously released by the California Attorney General.

California’s Governor signed Assembly Bill (AB) 2273, the first of its kind state legislation that requires businesses that provide online services, products, or features likely to be accessed by children to comply with specified standards.

Building on federal protections for children online under the Children’s Online Privacy Protection Act (COPPA), AB 2273 enacts the

The Consumer Financial Protection Bureau (CFPB) recently issued a legal Advisory in early July 2022, intending to protect the privacy rights of individuals subject to background checks by third-party consumer reporting agencies (CRAs) under the federal Fair Credit Reporting Act (FCRA).  The Advisory also seeks to remind users (e.g., employers) of their obligations under FCRA.

In response to the United States Supreme Court decision in Dobbs vs. Jackson Women’s Health Organization, President Joe Biden signed an Executive Order on Friday, July 8, 2022, designed to protect access to reproductive health care services. In addition to measures seeking to safeguard access to abortion and contraception, the Executive Order includes provisions

The federal government has been trying to reach a consensus on data privacy and thus far has failed to pass legislation. On June 3, 2022, a bipartisan draft bill, titled the American Data Privacy and Protection Act was released by the Committee on Energy and Commerce. The bill intends to provide comprehensive data privacy

At the California Privacy Protection Agency (CPPA) Board meeting on June 8, 2022, the board voted to begin the rulemaking process. The Board previously released a 66-page draft of regulations, that are intended to implement and interpret the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). While