Topics Advertising & Marketing French CNIL Imposes €1M GDPR Fine on Israeli Ad Tech FirmRecent Class Actions Under State Anti-Spam Laws Target Retail Email Marketing Practices and Raise Questions about CAN-SPAM Act Preemption Aerospace & Defense Trump Administration Issues AI Action Plan and Series of AI Executive OrdersKey Takeaways from China’s Finalized Generative Artificial Intelligence Measures Airlines TSA Imposes New Cybersecurity Requirements for Rail and Air SectorsGDPR: Top 5 Post-Implementation Issues for Airlines Algorithmic Management European Parliament Committee Recommends Commission to Propose EU Directive on Algorithmic Management Artificial Intelligence (AI) NIST Publishes Preliminary Draft of Cybersecurity Framework Profile for Artificial Intelligence for Public CommentEuropean Commission Launches Consultations on the EU AI Act’s Copyright Provisions and AI Regulatory Sandboxes Autonomous Vehicles Trump Administration Issues AI Action Plan and Series of AI Executive OrdersU.S. Tech Legislative, Regulatory & Litigation Update – First Quarter 2024 Big Data EHDS Series – 2: The European Health Data Space from the Health Data Holder’s PerspectiveData Act Becomes Law: What Next? Brexit Data Divergence: A Brexit Dividend?European Commission Adopts Final UK Adequacy Decisions California Consumer Privacy Act (CCPA) California Privacy Agency Fines Tractor Supply $1.35 Million Over CCPA ViolationsNavigating California’s New and Emerging AI Employment Regulations California Privacy Rights Act CPPA Releases Draft Rules on Cybersecurity Audits and Risk AssessmentsCalifornia Court Delays Enforcement of CPPA Regulations Canada IoT Update: FTC Settles with Smart Lock Manufacturer and Provides Guidance for IoT CompaniesCanadian Privacy Commissioner Releases Official Guidance as Data Breach Law Takes Effect Centre for Data Ethics and Innovation Centre for Data Ethics and Innovation Publishes Final Report on “Online Targeting” Children's Privacy End-of-Year 2025 State and Federal Developments in Minors’ PrivacyGlobal Privacy Regulators Launch Enforcement Sweep Focused on Children’s Data Protection China China’s DPO Reporting Requirement Now in EffectChina Releases New Labeling Requirements for AI-Generated Content Cloud Computing U.S. AI, IoT, CAV, and Privacy Legislative Update – Fourth Quarter 2022European Commission Presents Strategies for Data and AI (Part 1 of 4) Colorado Privacy Act Colorado AG Files Final Rules Implementing CPAThe Colorado AG Posts Revised Draft Regulations Committee on Standards in Public Life UK Government’s Advisory Committee Publishes Report on Public Sector Use of AI Competition UK Regulators Target Dark PatternsFrom Washington to Brussels: A Comparative Look at the Biden Administration’s Executive Order and the EU’s AI Act Congress U.S. Congress Passes Bill Establishing Notice and Takedown Regime for Publication of Nonconsensual Intimate Visual DepictionsSenate Judiciary Subcommittee Holds Hearing on the STOP CSAM Act Consumer Protection Greystar’s $24 Million Settlement Signals FTC Crackdown on Hidden Rental FeeHelp Shape the Future of EU Product Compliance: Participate in the Public Consultations COVID-19 COVID-19: Legal Considerations and Best Practices for Employers Processing Vaccination DataCOVID-19 Vaccine Verification Frameworks: Emerging Standards Seek to Balance Privacy Concerns With Public Health Benefits Creditors FTC Announces Amended Rule on Identity Theft "Red Flags" Critical Infrastructure CISA Releases Cybersecurity Performance Goals 2.0 for Critical InfrastructureCISA Delays Cyber Incident Reporting Rule for Critical Infrastructure Cross-Border Transfers Roundup of Cross-Border Data Transfer DevelopmentsEuropean Commission and Brazil Advance Towards Mutual Adequacy Decision Cybersecurity CISA Releases AI Data Security GuidanceNIS2 Deadline Today Cybersecurity Germany Transposes NIS 2 Directive – Increased Cybersecurity Requirements for BusinessesNIST Publishes Preliminary Draft of Cybersecurity Framework Profile for Artificial Intelligence for Public Comment Dark Patterns UK Regulators Target Dark PatternsItalian Garante Fines Digital Marketing Company Over Use of Dark Patterns Data State Legislatures Advance Surveillance Pricing RegulationsCJEU Clarifies GDPR Rights on Automated Decision-Making and Trade Secrets Data Breaches European Commission Proposes Revisions to GDPR and Other Digital Rules Under Digital Omnibus PackageICO Fines Capita £14 Million Over 2023 Data Breach Data Privacy EU Biotech Act Suggests Clarifying Data Protection Rules For Clinical TrialsCJEU Clarifies Responsibilities Of Online Marketplace Operators Data Protection Officer EDPB 2023 Coordinated Enforcement Framework on DPOs: What Are the Key Takeaways for Organizations?Court of Justice of the EU Clarifies Rules on Data Protection Officers’ Dismissal and Conflicts of Interest Data Security European Commission Proposes Revisions to GDPR and Other Digital Rules Under Digital Omnibus PackageFive major changes to the regulation of cybersecurity in the UK under the Cyber Security and Resilience Bill Data Transfers Roundup of Cross-Border Data Transfer DevelopmentsCommission Collects Feedback to Simplify Rules on Data, Cybersecurity and Artificial Intelligence in Upcoming Digital Omnibus Delaware Personal Data Privacy Act Delaware General Assembly Passes Personal Data Privacy Act Department of Commerce U.S. Government Issues White Paper on Privacy Safeguards Following Schrems IIPrivacy Shield Third Annual Review Department of Health and Human Services OCR Seeks Comments Related to Recognized Security Practices and Distribution of Civil Monetary Penalties under the HITECH ActFTC Adopts Policy Statement on Privacy Breaches by Health Apps and Connected Devices Department of Justice UK and U.S. Governments set a date for the entry into force of the UK-U.S. CLOUD Act AgreementDOJ Proposes Legislation to Limit Section 230 Immunity Digital Health New German Guidelines on GDPR Requirements for International Transfers of Health Data in Medical ResearchEuropean Health Data Space Published Digital Services Act European Commission Makes New Announcements on the Protection of Minors Under the Digital Services ActEuropean Commission Publishes Draft Guidelines on the Protection of Minors under the DSA Doxing FTC Settles with Broker Who Allegedly Disclosed Personal Information of Yelp Reviewers Electronic Surveillance and Law Enforcement Access UK and U.S. Governments set a date for the entry into force of the UK-U.S. CLOUD Act AgreementSupreme Court Holds FISA Does Not Displace the State Secrets Privilege EMEA Tech Regulation Digital Omnibus Package Series: European Commission’s Proposal to Revise the EU's AI RulesFrench CNIL Issues Draft Guidance On The Use of Location Data From Connected Vehicles Emerging Technologies UNESCO Adopts First Global Framework on Neurotechnology EthicsEuropean Commission Launches Consultations on the EU AI Act’s Copyright Provisions and AI Regulatory Sandboxes Entertainment EU and US Lawmakers Agree to Draft AI Code of ConductWhite House Issues Request for Comment on Use of Automated Tools with the Workforce ePrivacy Regulation Irish DPC Publishes Child-Facing Privacy Guides12 Eye-Catching Proposals In The UK Government’s Plan To Reform UK Data Protection Law Ethics Kenya’s AI Strategy 2025–2030: Signals for Global Companies Operating in AfricaThe Council of Europe Publishes Feasibility Study on Developing a Legal Instrument for Ethical AI EU Adequacy Decision Roundup of Cross-Border Data Transfer DevelopmentsEuropean Commission Retains Adequacy Decisions for Data Transfers to Eleven Countries EU Data Protection EU Biotech Act Suggests Clarifying Data Protection Rules For Clinical TrialsCJEU Clarifies Responsibilities Of Online Marketplace Operators EU-U.S. Data Privacy Framework Roundup of Cross-Border Data Transfer DevelopmentsEuropean Commission Adopts Adequacy Decision on the EU-U.S. Data Privacy Framework European Union European Commission Proposes Revisions to GDPR and Other Digital Rules Under Digital Omnibus PackageCJEU Upholds Country-of-Origin Principle for Online Service Providers in the EU European Union Germany Transposes NIS 2 Directive – Increased Cybersecurity Requirements for BusinessesGerman Government Proposes GDPR Reform to Shift Responsibility to Manufacturers Federal Communications Commission FTC Announces Regulatory Priorities for Both Privacy and CompetitionSupreme Court Narrows Meaning of TCPA Autodialer Definition Federal Trade Commission FTC Sets Aside Rytr Final Order Pursuant to White House AI Action PlanFTC Issues Warning Letters for Violations of Consumer Reviews Rule Financial Institutions New York Department of Financial Services Finalizes Second Amendment to Cybersecurity RegulationProposed Second Amendment to NYDFS Cybersecurity Regulations: Comments Due August 14 Financial Privacy SEC Adopts Amendments to Regulation S-PMcHenry Introduces Data Privacy Act of 2023 Financial Services CJEU Clarifies GDPR Rights on Automated Decision-Making and Trade SecretsDutch SA Sanctions Credit Card Company for Failure to Perform Data Protection Impact Assessment Fintech Overlap Between the GDPR and PSD2 GDPR German Government Proposes GDPR Reform to Shift Responsibility to ManufacturersEU Biotech Act Suggests Clarifying Data Protection Rules For Clinical Trials GDPR Rights CJEU Rules on Right of Rectification of Gender IdentityEDPB Launches Coordinated Enforcement on the Right to Erasure Health Privacy UNESCO Adopts First Global Framework on Neurotechnology EthicsNew York Governor Vetoes Restrictive Health Privacy Law India Five Key Themes from the FTC’s Data Portability WorkshopIndia Proposes Updated Personal Data Protection Bill International European Commission Proposes Revisions to GDPR and Other Digital Rules Under Digital Omnibus PackageRoundup of Cross-Border Data Transfer Developments Internet of Things (IoT) NIST Report and Recommendations on Fostering Development of the Internet of ThingsData Act Becomes Law: What Next? Iowa Iowa Enacts Comprehensive Consumer Privacy Law Korea EU Digital Partnerships with Asia: A New Path Towards Enhanced Digital Collaboration and OpportunitiesEDPB Adopts Overall Favorable Opinion on European Commission’s Draft Adequacy Decision for South Korea Liability EU Member States Begin Rolling Out New Product Liability RulesEuropean Parliament Study Recommends Strict Liability Regime for High-Risk AI Systems Life science The UK’s new Data Legislation – What does it mean for the Life Science sector?U.S. AI, IoT, CAV, and Privacy & Cybersecurity Legislative & Regulatory Update – First Quarter 2023 life science Major Cyber-attack on Irish Health System Causes Commercial ConcernNew German Legislation Facilitates Scientific Research in the Health Sector Life Sciences & Digital Health UNESCO Adopts First Global Framework on Neurotechnology EthicsEU Biotech Act Suggests Clarifying Data Protection Rules For Clinical Trials Litigation Court Grants Summary Judgment: Website Vendor Cannot Read “Session Replay” Data “In Transit” Under CIPAImplied Consent to Privacy Policy in Webpage Footer Forecloses Website Wiretapping Claim Litigation CJEU Clarifies Responsibilities Of Online Marketplace OperatorsRounding up Five Recent CJEU Cases on GDPR Compensation Litigation Third Circuit Affirms Dismissal of CIPA and CMIA ClaimsCourt Applies Popa to Dismiss CIPA Pen Register Claim for Lack of Article III Standing Marketing Schedule of Panelists for FTC's Upcoming Big Data & Discrimination WorkshopFTC to Examine Impact of "Big Data" on Low-Income and Underserved Communities Metaverse Regulating the Metaverse in Europe Middle East Top Five EMEA Technology Trends to Watch in 2023Saudi Arabia Issues New Personal Data Protection Law Mobile New York AG Issues Guidance on Website Privacy ControlsGerman court decides that GDPR consent can be tied to receiving advertising Mobile Online FTC Releases Online Tool to Help Health App Developers Identify Applicable LawsHHS Launches Portal Seeking Questions from Mobile Health Application Developers NHS UK Government’s Advisory Committee Publishes Report on Public Sector Use of AI Non-Personal Data European Parliament and Council Release Agreed Text on Data Act Online State Legislatures Advance Surveillance Pricing RegulationsNew York AG Issues Guidance on Website Privacy Controls Online Safety EU Legislative Update on the New Product Liability Directive Online Targeting ICO announces its online tracking strategy for 2025CJEU Decides the IAB Europe Case, Expanding the Concept of Controllership Policy and Legislation European Commission Publishes Apply AI Strategy to Accelerate Sectoral AI Adoption Across the EUU.S. Senate Passes REPORT Act to Expand Scope of CSAM Reporting Obligations POPIA South Africa Introduces Mandatory e-Portal Reporting for Data BreachesFinal Countdown to POPIA Compliance: Five Critical Steps to Take Before July 1st, 2021 Privacy & Data Security New State Privacy and Minor Social Media Laws to Become Effective in JulyGlobal CBPR and PRP Certifications Launched: A New International Data Transfer Mechanism Privacy and Data Security Roundup of Cross-Border Data Transfer DevelopmentsIllinois Federal Court Dismisses BIPA Suit Against X, Holding “Biometric Identifiers” Must Identify Individuals Privacy Policies Implied Consent to Privacy Policy in Webpage Footer Forecloses Website Wiretapping ClaimCCPA Consumer Request Metrics Reporting Due July 1, 2021 Public Sector OFAC Issues Updated Guidance on Ransomware PaymentsUK Government’s Advisory Committee Publishes Report on Public Sector Use of AI Quantum Quantum Computing: Developments in the UK and USCISA, NSA, and NIST Urge Critical Infrastructure and Others to Prepare for Quantum Computing Cyber Threats Red Flags FTC Issues Revised Business Guide on Identity Theft Red Flags RuleSEC and CFTC Issue Final Identity Theft Rule Report UK Government’s Advisory Committee Publishes Report on Public Sector Use of AI Russia/Ukraine War International Cybersecurity Authorities Issue Joint Advisory on Russian Cyber Threats to Critical Infrastructure Saudi Arabia Saudi Arabia Issues New Personal Data Protection LawInside Privacy Audiocast Episode 15: Data Privacy Developments in Saudi Arabia and the Middle East Smart Meters FTC Releases Agenda for November 19th "Internet of Things" WorkshopENISA Publishes New Guidelines for Smart Grid Cyber Security Social Media Utah Repeals and Replaces Social Media Regulation ActState, Federal, and Global Developments in Children's Privacy, Q1 2023 Sourcing GDPR Contracts and Liabilities Between Controllers and ProcessorsData Localization Requirements Through the Backdoor? Germany’s “Federal Cloud”, and New Criteria For the Use of Cloud Services by the German Federal Administration South Africa South Africa: Guidance on POPIA Exemptions and Registration of Information OfficersFinal Countdown to POPIA Compliance: Five Critical Steps to Take Before July 1st, 2021 Standards NIST Publishes Updated Incident Response Recommendations and ConsiderationsEU Legislative Update on the New Product Liability Directive State Legislatures Texas Enacts AI Consumer Protection LawState Legislatures Advance Surveillance Pricing Regulations State Privacy CalPrivacy Announces $45,000 Fine Against Data Broker for Delete Act ViolationsCalifornia AG Announces $1.4 Million Settlement with Mobile App Gaming Developer Over CCPA Violations Student Privacy Vermont Enacts Data Breach Notification and Student Privacy LegislationCalifornia Attorney General Issues Recommendations for Privacy in Ed Tech Surveillance State Legislatures Advance Surveillance Pricing RegulationsPresident Biden Signs Executive Order to Implement EU-U.S. Data Privacy Framework TCPA Maryland and Florida Update Their Telemarketing LawsWashington Enacts Update to State Telemarketing Law Technology European Commission Publishes Apply AI Strategy to Accelerate Sectoral AI Adoption Across the EUTrump Administration Issues AI Action Plan and Series of AI Executive Orders Technology Transactions GDPR Contracts and Liabilities Between Controllers and ProcessorsCovington Attorneys Author Chapter on the Challenges of Managing Third-Party Outsourcing Risks Travel TSA Imposes New Cybersecurity Requirements for Rail and Air SectorsGDPR: Top 5 Post-Implementation Issues for Airlines U.S. Election 2020 Inside Privacy Audiocast: Episode 8 – The Impact of the U.S. Election on Privacy Laws in the U.S. U.S. Federal and State Legislative Initiatives U.S. Senate Introduces Genomic Data Protection ActFederal Congressional Comprehensive Data Privacy Working Group Issues Request for Information U.S. National Cybersecurity Strategy CISA Publishes International Guidance on Implementing Security-by-Design and Security-by-Default Principles for Software Manufacturers and Customers UK Government Five major changes to the regulation of cybersecurity in the UK under the Cyber Security and Resilience BillQuantum Computing: Developments in the UK and US Uncategorized CISA Releases Cybersecurity Performance Goals 2.0 for Critical InfrastructureEuropean Commission launches a call for evidence on the impact assessment for the forthcoming EU Quantum Act United Kingdom Roundup of Cross-Border Data Transfer DevelopmentsWhat to expect from the UK’s Cyber Security and Resilience Bill (and when) United Kingdom Five major changes to the regulation of cybersecurity in the UK under the Cyber Security and Resilience BillICO Fines Capita £14 Million Over 2023 Data Breach United States FTC Sets Aside Rytr Final Order Pursuant to White House AI Action PlanFTC Issues Warning Letters for Violations of Consumer Reviews Rule White House Trump Administration Issues AI Action Plan and Series of AI Executive OrdersWhite House Issues New Cybersecurity Executive Order
