On May 16, the U.S. Securities and Exchange Commission (“SEC”) adopted amendments to Regulation S-P, which implements the Gramm-Leach Bliley Act (“GLBA”) for SEC-regulated entities such as broker-dealers, investment companies, registered investment advisers, and transfer agents.Continue Reading SEC Adopts Amendments to Regulation S-P

Sarah Parker
Sarah Parker is an associate in the firm’s Washington Office. Her practice focuses on privacy, advertising, and consumer protection regulatory matters and government investigations.
Sarah also maintains an active pro bono practice, with a focus on criminal justice and civil rights litigation.
FTC Announces Proposed Consent Orders Related to Location Data
The FTC recently announced proposed consent orders with Outlogic (formerly X-Mode Social) and InMarket Media concerning their collection and monetization of precise geolocation data. Both companies collect location data using software development kits (“SDKs”) installed in first and third party apps, among other data sources. According to the FTC’s complaints, Outlogic sold this data to third parties (including in a manner that revealed consumer’s visits to sensitive locations) without obtaining adequate consent, and InMarket used this data to facilitate targeted advertising without notifying consumers that their location data will be used for targeted advertising. In both cases, the FTC alleged that these acts and practices constituted unfair and/or deceptive acts or practices under Section 5 of the FTC Act. Continue Reading FTC Announces Proposed Consent Orders Related to Location Data
California Amends Data Broker Law
On October 10, 2023, California Governor Gavin Newsom signed S.B. 362, the Delete Act (the “Act”), into law. The new law represents a substantive overhaul of California’s existing data broker statute, which requires data brokers to register with the California Attorney General annually. The passage of the Act follows a renewed interest in data broker activity nationwide, including a request for comments from the Consumer Financial Protection Bureau and the introduction of similar legislation at the federal level. Below, we outline a number of key provisions:Continue Reading California Amends Data Broker Law
Colorado AG Files Final Rules Implementing CPA
On March 15, 2023, the Colorado Attorney General filed final rules implementing the Colorado Privacy Act (“CPA”) with the Secretary of State. The Attorney General first released proposed draft rules on October 10, 2022 and subsequently released revised draft rules on December 21, 2022 and January 27, 2023 after public…
Continue Reading Colorado AG Files Final Rules Implementing CPAMcHenry Introduces Data Privacy Act of 2023
On February 24, Congressman Patrick McHenry (NC-10) formally introduced his bill to modernize the Gramm-Leach-Bliley Act (“GLBA”) in the House as H.R. 1165. The bill was first released as a discussion draft in June 2022, although the latest version reflects a number of updates as compared to the initial…
Continue Reading McHenry Introduces Data Privacy Act of 2023FTC Flexes ROSCA Muscle With $100 Million “Dark Patterns” Settlement with Vonage
On November 3, the FTC announced that it entered into a significant $100 million settlement with Vonage to resolve allegations relating to the internet phone service provider’s sales and autorenewal practices. The FTC alleged that Vonage violated both the FTC Act and the Restore Online Shoppers’ Confidence Act (ROSCA) by failing to provide a simple cancellation mechanism, failing to disclose material transaction terms prior to obtaining consumers’ billing information, and charging consumers without consent.Continue Reading FTC Flexes ROSCA Muscle With $100 Million “Dark Patterns” Settlement with Vonage
California Privacy Protection Agency Posts Updated Draft Rules
The California Privacy Protection Agency (CPPA) staff has posted updated draft rules implementing the California Privacy Rights Act (CPRA). The CPPA Board will discuss the updated draft rules during two virtual public meetings on Friday, October 21 and Saturday, October 22. Agency staff and counsel will also be present at…
Continue Reading California Privacy Protection Agency Posts Updated Draft RulesCalifornia Privacy Protection Agency Provides Update on CPRA Rulemaking
During its September 23, 2022 board meeting, the California Privacy Protection Agency (CPPA) provided an update on the status of the ongoing California Privacy Rights Act (CPRA) rulemaking. Since the closure of the required 45-day comment period, the agency staff have been reviewing the written and oral comments submitted by the public. The agency will be promulgating revised regulations, which will be drafted by the staff and presented to the Board. These revisions will be followed by an additional public comment period of 15 to 45 days depending on the scope of the revisions.Continue Reading California Privacy Protection Agency Provides Update on CPRA Rulemaking
California Privacy Protection Agency Holds Public Hearings on Proposed Regulations
The California Privacy Protection Agency (“CPPA”) held two public hearings last week on its proposed regulations. Continue Reading California Privacy Protection Agency Holds Public Hearings on Proposed Regulations
California Attorney General Announces First CCPA Settlement
Today, the California Attorney General announced the first settlement agreement under the California Consumer Privacy Act (“CCPA”). The Attorney General alleged that online retailer Sephora, Inc. failed to disclose to consumers that it was selling their information and failed to process user requests to opt out of sale via user-enabled global privacy controls. The Attorney General also alleged that Sephora did not cure these violations within the cure period. Continue Reading California Attorney General Announces First CCPA Settlement