Dec. 11, 2024
Dec. 11, 2024
Deciphering the New CPPA Proposed Regulations for Data Brokers
The California Privacy Protection Agency (CPPA) Board is closely watching data brokers. In the past month, it voted to adopt proposed regulations (Proposed Regs) that expand upon and clarify key provisions of the Delete Act, broadening the definition of data broker, and reached settlements with two data broker companies about a week after it had announced that it was beginning a public investigative compliance sweep. This article, with insights from experts at Frankfurt Kurnit, Troutman Pepper and WilmerHale, examines how the Proposed Regs expand upon some of the Delete Act’s central requirements and offers practical measures for data brokers on how to meet their compliance obligations. See “Outgoing CPPA Board Member Discusses Rulemaking and Looming Privacy Issues” (Sep. 25, 2024). Read full article …
Preparing for U.S. State Law Privacy Compliance in 2025
The new year will see eight new state consumer data privacy laws taking effect – some as soon as January 1. Since 2023, the number of such laws has grown significantly, and nearly a dozen more are expected in the next two years, said Jodi Daniels, founder of data privacy consulting firm Red Clover Advisors, during a year-end presentation with Husch Blackwell partner David Stauss. To help companies navigate this ever-growing landscape and prepare for the parade of new laws and regulations, this article distills insights shared by Daniels and Stauss on the laws soon taking effect, other relevant state law amendments and rulemaking to consider, and how companies can prepare to comply with them. See “Measures for Complying With 19 (and Counting) State Privacy Laws” (Jun. 26, 2024). Read full article …
DOJ’s 2024 Edits to the ECCP: Speaking Up, Compliance Resources and Lessons Learned
The edits to the DOJ’s Evaluation of Corporate Compliance Programs (ECCP) that were announced in September 2024 (2024 Edits) were broad, touching on many aspects of compliance programs. The first article of this three-part series about the 2024 Edits discussed the changes related to AI, and the second examined the many edits related to data analytics. This last installment covers changes regarding bread-and-butter elements of a compliance program that are less sexy to discuss but equally important. See “What to Know (and Do) About DOJ’s Efforts to Identify and Prosecute Cybersecurity Fraud Under the False Claims Act” (Oct. 30, 2024). Read full article …
Most-Read Articles
-
Nov. 13, 2024
Unpacking the Second Circuit’s Bombshell VPPA Ruling -
Nov. 20, 2024
SEC Charges Four Companies for Misleading Cyber Incident Disclosures: New Expectations? -
Nov. 6, 2024
DOJ’s 2024 Edits to the ECCP: Some History and AI Expectations -
Nov. 13, 2024
GDPR Enforcement’s New Phase: Navigating Privacy Investigations in Europe -
Nov. 6, 2024
GDPR Enforcement’s New Phase: More Predictability, and New Rules on the Way
We Celebrate Data Privacy Day 2024
Read the full brief here.