In late November, the Federal Trade Commission (“FTC”) released a staff perspective paper (“the Paper”) detailing the results of an FTC study that surveyed 184 “smart” devices, ranging from smartphones to hearing aids to door locks, to determine whether manufacturers disclose how long they provide software updates for their products and related apps. Without such updates, according to the Paper and the corresponding press release, these products “may lose their ‘smart’ functionality, become insecure, or completely cease to operate.”Continue Reading FTC Staff Paper Finds Most “Smart” Products Manufacturers Fail to Disclose How Long They Will Provide Software Updates
Privacy and Data Security
Maryland Enacts Age-Appropriate Design Code
On May 9, 2024, Maryland Governor Wes Moore signed the Maryland Age-Appropriate Design Code Act (“AADC”) into law. The AADC will go into force on October 1, 2024. This post summarizes the law’s key provisions.Continue Reading Maryland Enacts Age-Appropriate Design Code
Is Congress about to pass comprehensive privacy legislation?
After years of negotiations, members of the U.S. Senate and House of Representatives have released bipartisan comprehensive privacy legislation—the American Data Privacy and Protection Act. Democrats and Republicans have put forward separate proposals in the past that have more in common than different. The two main points of disagreement that…
Continue Reading Is Congress about to pass comprehensive privacy legislation?COVID-19 Vaccine Verification Frameworks: Emerging Standards Seek to Balance Privacy Concerns With Public Health Benefits
As COVID-19 vaccination becomes required in more personal and professional contexts, several different frameworks have emerged that propose both guiding principles and technical requirements for vaccine verification systems, including those developed by the World Health Organization (WHO) and the Good Health Pass Collaborative (GHPC).
Continue Reading COVID-19 Vaccine Verification Frameworks: Emerging Standards Seek to Balance Privacy Concerns With Public Health Benefits
Virginia Consumer Data Protection Work Group Holds Second Meeting, Hears Recommendations from the Office of the Virginia Attorney General
Last week, Virginia’s Joint Commission on Technology and Science held its second meeting of the Consumer Data Protection Work Group.
Instead of following a detailed rulemaking process for implementation like that provided for in the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA) is being reviewed over the next few months by a group of state officials, business representatives, and advocates. This group will publish recommendations by November 1, 2021, which the state legislature can consider if it amends the law before the VCDPA goes into effect on January 1, 2023. A stated goal of the group is to align the VCDPA with other privacy laws that states are enacting around the country.
At the meeting, the group heard public comments as well as a presentation by Deputy Attorney General Samuel Towell on behalf of the Office of the Attorney General of Virginia (OAG). The presentation covered issues that the OAG sees with the VCDPA’s implementation and proposed a number of recommendations for the group to consider:
Continue Reading Virginia Consumer Data Protection Work Group Holds Second Meeting, Hears Recommendations from the Office of the Virginia Attorney General
Inside Privacy Audiocast: Episode 13 – Data Privacy Developments in Israel
On Episode 13 of Covington’s Inside Privacy Audiocast, Dan Cooper is joined by Dotan Hammer, a Partner in the Internet, Cyber & Copyright Group at Pearl Cohen, to discuss recent privacy developments in Israel, including Israel’s data-economy relations with the EU and the U.S.
Covington’s Inside Privacy Audiocast offers …
Continue Reading Inside Privacy Audiocast: Episode 13 – Data Privacy Developments in Israel
Inside Privacy Audiocast: Episode 12 – Conversation with Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa
In celebration of data privacy as a human right as part of South Africa’s Human Rights Day 2021, we feature special guest Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa on Episode 12 of Covington’s Inside Privacy Audiocast. Together with Dan Cooper and Mosa Mkhize, we…
Continue Reading Inside Privacy Audiocast: Episode 12 – Conversation with Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa
California Attorney General Releases Fourth Set of Proposed Modifications to California Consumer Privacy Act Regulations
Yesterday, the California Attorney General (“AG”) proposed a fourth set of modifications to the California Consumer Privacy Act regulations. These modifications build on the third set of proposed regulations released by the AG in October, which we discussed here. Interested parties have until December 28 to submit comments in response.
Continue Reading California Attorney General Releases Fourth Set of Proposed Modifications to California Consumer Privacy Act Regulations
Californians Approve Ballot Initiative Modifying the California Consumer Privacy Act
Voters in California approved Proposition 24, which updates the California Consumer Privacy Act (“CCPA”) just a few months after the landmark regulations implementing the privacy law went into effect. As we have previously explained, the California Privacy Rights Act (“CPRA”) will change the existing CCPA requirements in a number of ways, including limiting the sharing of personal information for cross-context behavioral advertising and the use of “sensitive” personal information, as well as creating a new correction right. It also establishes a new agency to enforce California privacy law. The key provisions of the bill will not go into effect until January 1, 2023, providing much-needed time to clarify the details and for businesses to adjust their CCPA compliance approaches to account for the additional requirements.
Continue Reading Californians Approve Ballot Initiative Modifying the California Consumer Privacy Act
Inside Privacy Audiocast: Episode 7 – Brexit and the Future of UK Data Privacy Law
Over the past 9 months, the UK has been hammering out the shape of its future trading relationship with the EU, as well as many others, and there apparently are signs of progress in the past few days as a result of intensified talks between the two sides. Some are…
Continue Reading Inside Privacy Audiocast: Episode 7 – Brexit and the Future of UK Data Privacy Law