Consumer Privacy

Subscribe to Consumer Privacy

The Federal Trade Commission (FTC) recently took enforcement action against digital healthcare companies for sharing user information vie third-party tracking pixels, which enable the collection of user data. At the start of the year, the U.S. Health and Human Services Office of Civil Rights issued its own bulletin with guidance regarding tracking pixel technology for

On March 7, 2023, the Consumer Financial Protection Bureau (CFPB), the federal government agency charged with protecting consumers in the financial sector, and the National Labor Relations Board (NLRB), the federal government agency tasked with protecting private sector employees’ rights to engage in union organizing and other concerted activity, announced an information sharing agreement in

On March 15, 2023, the Iowa legislature unanimously passed Senate File 262, the Consumer Privacy Act, which relates to consumer data and privacy protection. Once signed by Iowa’s governor, the statute will become operative on January 1, 2025, and  Iowa will join California, Colorado, Connecticut, Utah, and Virginia in passing

The Colorado Privacy Act (CPA), effective July 1, 2023, provides expansive protections to the personal data of Colorado residents acting in an individual or household context (a “consumer”). Similar to the California Consumer Privacy Act (CCPA), the CPA requires providing notice of an entity’s (“controller”) data collection activities, provides for consumer rights including the right

It usually happens after a reported data breach. The organization experiencing the breach sends notifications to affected individuals, as well as federal and or state agencies where appropriate and perhaps other parties. Not long thereafter, the organization receives an inquiry from one or more government agencies. These inquiries typically seek more information about the breach

On December 22, 2022, the Nevada Gaming Commission (NGC) adopted regulations creating new cybersecurity requirements for certain gaming operators. This action joins agencies in other jurisdictions moving quickly to protect consumers and their personal information in the gaming industry. The NGC adopted the October 17, 2022 version of the regulations, which become effective January

On January 1, 2023, Virginia’s Consumer Data Protection Act (CPDA) takes effect. Key features of the CPDA include expansive consumer privacy rights (right to access, right of rectification, right to delete, right to opt-out, right of portability, right against automatic decision making), a broad definition of “personal information”, the inclusion of a “sensitive data” category

On October 21 and 22, the California Privacy Protection Agency (CPPA) Board will meet to discuss possible action regarding the proposed regulations for the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

Previously, in June 2022, the Board met to discuss revising the regulations previously released by the California Attorney General.

California’s Governor signed Assembly Bill (AB) 2273, the first of its kind state legislation that requires businesses that provide online services, products, or features likely to be accessed by children to comply with specified standards.

Building on federal protections for children online under the Children’s Online Privacy Protection Act (COPPA), AB 2273 enacts the

The Consumer Financial Protection Bureau (CFPB) recently issued a legal Advisory in early July 2022, intending to protect the privacy rights of individuals subject to background checks by third-party consumer reporting agencies (CRAs) under the federal Fair Credit Reporting Act (FCRA).  The Advisory also seeks to remind users (e.g., employers) of their obligations under FCRA.