Florida may be next state to join the growing number of states with a consumer privacy law, as both chambers of Florida’s legislature are currently considering comprehensive state privacy legislation. Both HB 969 and SB 1734 resemble the California Consumer Privacy Act (“CCPA”), though they contain some notable differences. Florida Governor Ron DeSantis expressed support … Continue Reading
Today, the Supreme Court issued its decision in Facebook v. Duguid, adopting a narrow interpretation of a key definitional term in the Telephone Consumer Protection Act (TCPA) and resolving the circuit split we previously described here and here. In effect, the Supreme Court’s opinion means that to qualify as an “automatic telephone dialing system” (ATDS) under the TCPA, a … Continue Reading
Sen. Ed Markey (D-MA) and Rep. Ted Lieu (D-CA-33) reintroduced the Cyber Shield Act on March 24, 2021. The proposed legislation is not new to Congress; Sen. Markey and Rep. Lieu previously introduced the Cyber Shield Act in both 2017 and 2019. However, the bill never made it to a vote in either the House … Continue Reading
As the push for Congress to pass comprehensive consumer privacy legislation increases, Rep. Suzan DelBene (D-WA) has re-introduced the Information Transparency & Personal Data Control Act, a compromise proposal that contains provisions sought by both parties. This bill would create national data privacy standards and increase the enforcement authority of the Federal Trade Commission (FTC) … Continue Reading
On March 2, Virginia Governor Ralph Northam signed into law the Virginia Consumer Data Protection Act (VCDPA), becoming the second U.S. state to enact a comprehensive privacy law (Nevada has enacted an online privacy law, albeit with a narrower scope). As we have previously explained, the VCDPA follows the framework established by the Washington Privacy … Continue Reading
Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills. In the high-level chart below, we compare five of the key state privacy frameworks: the CPRA, VCDPA (which we blogged about here), the NYPA, the general privacy provisions of the Washington Privacy Act, and … Continue Reading
A number of legislative proposals to amend Section 230 of the 1996 Communications Decency Act (“Section 230”) have already been introduced in the new Congress. Section 230 provides immunity to an owner or user of an “interactive computer service” — generally understood to encompass internet platforms and websites — from liability for content posted by … Continue Reading
In a new post on the Covington Digital Health blog, our colleagues discuss a recent settlement between the Federal Trade Commission (“FTC”) and Flo Health, Inc. (“Flo”), the developer of a popular menstrual cycle and fertility-tracking application. The settlement resolves allegations that Flo shared app users’ health information with outside third parties after promising that … Continue Reading
The Virginia Consumer Data Protection Act (HB 2307 / SB 1392), introduced in the House of Delegates on January 20, passed both houses of Virginia’s state legislature on February 5 with large bipartisan majorities. This comprehensive privacy bill, which would take effect on January 1, 2023, follows a similar framework as the current version of … Continue Reading
On February 4, 2021, the House Energy and Commerce’s Subcommittee on Consumer Protection and Commerce held a hearing entitled, “Safeguarding American Consumers: Fighting Scams and Fraud During the Pandemic.” The hearing focused on the FTC’s ability to obtain equitable monetary relief under Section 13(b) of the FTC Act – an issue that is currently being … Continue Reading
On December 30, 2020, the Federal Communications Commission (“FCC”) released a Report and Order (“Order”) that imposed certain new restrictions on nonmarketing prerecorded calls to residential lines. The action was in response to Congress’s mandate in the TRACED Act that the FCC reevaluate certain exemptions the agency previously granted regarding the consent requirements for prerecorded … Continue Reading
With a new administration and a new Congress come key leadership changes and new priorities at the Federal Trade Commission (FTC). The change in administration paves the way for a Democratic-led Commission, though a permanent FTC Chairman and a successor to Commissioner Chopra (who has been nominated to head the Consumer Financial Protection Bureau) might … Continue Reading
On this special tenth episode of our Inside Privacy Audiocast, we celebrate Data Privacy Day 2021. Join Dan Cooper and Kurt Wimmer as they discuss the key global data privacy developments in 2020 and trends to look out for in 2021. Covington’s Inside Privacy Audiocast offers insights into topical global privacy issues and trends. Subscribe … Continue Reading
On January 7, the Federal Trade Commission (“FTC”) reached a proposed settlement with Tapjoy, a California-based company that operates an advertising platform within mobile gaming applications. According to its complaint, the FTC alleges that Tapjoy deceived consumers by failing to provide in-game rewards it promised for completing actions associated with third-party advertisements.… Continue Reading
Washington State Hearing on Latest Privacy Bill Highlights Competing Interests For Best Practices and Data Minimization On January 14, 2020, Washington’s State Senate Committee on Environment, Energy & Technology received public testimony about Senate Bill 5062, the “Washington Privacy Act.” Representatives from trade associations, the Attorney General’s Office, and civil rights groups offered recommendations to … Continue Reading
On Wednesday, January 13, the Supreme Court heard arguments in AMG Capital Management LLC v. Federal Trade Commission. This case raises the question whether the Federal Trade Commission (FTC) has been properly using Section 13(b) of the FTC Act, the provision authorizing requests for preliminary and permanent injunctions where the FTC believes the defendant “is … Continue Reading
Last year, Californians passed proposition 24, also known as the California Privacy Rights Act (“CPRA”). That law makes several changes to the California Consumer Privacy Act (“CCPA”), including some that relate to an organization’s cybersecurity practices.… Continue Reading
As the year comes to a close, a reminder that the California Consumer Privacy Act requires companies to update their privacy policies annually. Consequently, as you get ready to spread the holiday cheer, make sure your privacy policy gets some attention as well.… Continue Reading
On the eighth episode of our Inside Privacy Audiocast, we peer through the looking glass at the U.S. election and the future of privacy laws in the U.S. We discuss whether the November 3 election is likely to be a watershed event in the development of privacy laws in the U.S. In this episode, Dan … Continue Reading
Yesterday, the California Attorney General (“AG”) proposed a fourth set of modifications to the California Consumer Privacy Act regulations. These modifications build on the third set of proposed regulations released by the AG in October, which we discussed here. Interested parties have until December 28 to submit comments in response.… Continue Reading
On Friday, December 4, 2020, President Trump signed the bipartisan Internet of Things (“IoT”) Cybersecurity Improvement Act of 2020 into law. The IoT Cybersecurity Improvement Act empowers the National Institute of Standards and Technology (“NIST”) to create cybersecurity standards for internet-connected devices purchased and used by federal agencies. For more information on the law, please … Continue Reading
The bipartisan Internet of Things (“IoT”) Cybersecurity Improvement Act of 2020 (S. 734, H.R. 1668) has passed the House and the Senate and is headed to the President’s desk for signature. The bill was sponsored in the House by Representatives Hurd (R-TX) and Kelly (D-IL), and in the Senate by Senators Warner (D-VA) and Gardner … Continue Reading
Voters in California approved Proposition 24, which updates the California Consumer Privacy Act (“CCPA”) just a few months after the landmark regulations implementing the privacy law went into effect. As we have previously explained, the California Privacy Rights Act (“CPRA”) will change the existing CCPA requirements in a number of ways, including limiting the sharing … Continue Reading
Last week, an Ohio district court found that violations of the Telephone Consumer Protection Act (“TCPA”) occurring between 2015 and July 2020 cannot be enforced because the law was unconstitutional at the time. The case is captioned Lindenbaum v. Realgy, LLC, No. 19-CV-02862 (N.D. Ohio), and the opinion builds on an earlier decision from a … Continue Reading
