State and Local

During the Nationwide Multistate Licensing System Annual Conference, state financial regulators released an updated cybersecurity examination tool for nonbank financial company supervision. The tool is designed for state regulators to use during examinations of less complex and lower risk institutions, and another tool for more complex institutions is scheduled for release in the second quarter […]

The state of Washington is making another attempt at passing a privacy bill. Earlier this month, the Washington Privacy Act passed the Senate and has now moved to the House of Representatives. Although it has the support of large tech companies like Microsoft and Amazon, it is facing pushback from consumer groups who are demanding […]

On March 17, 2021, the five board members of the California Privacy Protection Agency were announced. The CPPA was established by the California Privacy Rights Act, which was approved by California voters during the November 2020 election. The new board members come from various backgrounds including academia, private practice and nonprofits. The chair of the […]

On March 15, 2021, the California Attorney General’s office announced that the Office of Administrative Law has approved the Attorney General’s proposed changes to the CCPA regulations. The new regulations make three general changes relating to the right to opt out of sales – offline collection and notices, an optional opt-out icon, and a ban […]

One key area where Virginia’s Consumer Data Protection Act differs from the California Consumer Privacy Act and the California Privacy Rights Act is the law’s notice and disclosure obligations. Each of these privacy laws is based on the Fair Information Practice Principles, which include the principle that a consumer should be given notice of information […]

With the California Consumer Privacy Act in 2018, and the California Privacy Rights Act of 2020, California has dared Congress, twice, to pass sorely needed federal privacy legislation. Now Virginia is in on the act. Earlier this month, Governor Northam signed into law the Consumer Data Protection Act, making Virginia the second state to pass […]

Illinois’ Biometric Information Privacy Act (“BIPA”) is alive and well as a potential breeding ground for litigation for tech companies. In the last month, two settlements have been announced in class actions where the plaintiffs alleged violations of BIPA in the U.S. District Court for the Northern District of Illinois. These settlements show that companies […]

On March 15, California Attorney General Xavier Becerra announced the approval of modified regulations under the California Consumer Privacy Act that are effective immediately. The modified regulations ban “dark patterns” (deliberate attempts to subvert or impair a consumer’s choice to opt out), provide an optional Privacy Options icon, and clarify regulations related to offline consumer […]

Florida appears to be on track to be one of the next states to pass a general privacy law, joining California and Virginia. CS/HB 969 makes changes to existing law, and also adds a number of new requirements. It is unclear whether the bill will be enacted, though it appears to have broad support in […]

The five members of the California Privacy Protection Agency were announced today.  The members – who were appointed by Governor Newsom, Attorney General Becerra, Senate President pro Tempore Atkins, and Assembly Speaker Rendon – will lead the new agency, which will have rulemaking and enforcement authority under the California Privacy Rights Act. The new agency […]