Consumer Protection

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

2023 State Privacy Laws and Regulations Bring Extensive Data Protection Assessment Requirements | Privacy World

Priority Topics for French CNIL

On January 1st of this year, the Virginia Consumer Data Protection Act (“VCDPA”) and amendments to the California Consumer Privacy Act (“CCPA”) went into effect. Later this year, the Colorado Privacy Act (“CPA”), Connecticut’s Public Act No. 22-15 (known as the “Connecticut Privacy Act” or “CTPA”), and the Utah Consumer Privacy Act (“UCPA”) will go into effect as well. Aside from the UCPA, these laws will obligate covered entities to document and assess certain processing activities in formal data protection assessments, which will be available to regulators. The purpose is to require companies to look critically at high-risk data processing activities and avoid unjustifiable risks and negative impacts on data subjects. Assessments can also serve the purpose of maintaining current data inventories and retention schedules and ensuring that processing is not inconsistent with the notified purposes at the time of collection.
Continue Reading 2023 State Privacy Laws and Regulations Bring Extensive Data Protection Assessment Requirements

Almost one year to the day after Utah enacted the Utah Consumer Privacy Act (“UCPA”), Iowa is one (Kim Reynolds’) signature away from passing the sixth comprehensive consumer data privacy law, joining California, Colorado, Virginia, Connecticut, and Utah.
Continue Reading Iowa is the Latest State to Pass Comprehensive Privacy Legislation

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

CFPB and FTC to Scrutinize Tenant Screening Practices | Privacy World

China Releases the Standard Contract on Personal Information Export

Earlier this month, the Consumer Financial Protection Bureau (the “CFPB”) and Federal Trade Commission (the “FTC”) announced that they had issued a request for information (“RFI”) seeking public comment on “background screening issues affecting individuals who seek rental housing in the United States, including how the use of criminal and eviction records and algorithms affect tenant screening decisions and may be driving discriminatory outcomes.”  The deadline for submitting comments in response to the RFI is May 30, 2023.
Continue Reading CFPB and FTC to Scrutinize Tenant Screening Practices

Part 1 of How to Approach DPAs in view of Final CCPA Regs: A Series

This is the first in our series of blog posts on top considerations for approaching data processing terms required under the state privacy laws that have, or will, come into effect this year, namely the California Consumer Privacy Act, as

The French government has decided to act in the fight against the resurgence of cyberattacks, together with ransom demands, which have a significant impact on the economy. By anticipating the development of the cyber risk insurance market in France, the French government has decided to make the payment of insurance compensation conditional on the filing

Following up on its initial notice from last September, the Federal Communications Commission (the Commission) has released a draft Report and Order and Further Notice of Proposed Rulemaking to address unwanted text messages that “invade consumer privacy and are vehicles for consumer fraud and identity theft.” The Commission will consider adopting the proposed rules at

Some would say that Commissioner Christine Wilson foreshadowed her resignation in her recent GoodRx concurrence. Indeed, Commissioner Wilson has been vocal in recent months about some of her concerns with how the FTC is doing business. Much of her criticism came after the Supreme Court’s AMG Capital Management, LLC v. FTC decision, which stripped the FTC of certain powers. Of course Privacy World has kept you in the know with how the FTC reacted to AMG HERE, HERE, and HERE. Much of the FTC’s reactions center on increasing rulemaking efforts, especially as the rulemaking impacts privacy and advertising programs, while also escalating its enforcement actions. Recently, the U.S. Chamber sent an open letter to Congress requesting more congressional oversight of the FTC in light of Commissioner Wilson’s resignation. Here are three points from the U.S. Chamber’s open letter that reflect what Commissioner Wilson’s resignation may mean for Congress and the FTC over the coming year:
Continue Reading What Commissioner Wilson’s Resignation Means for the Year Ahead

746 years. That is the total amount of time criminal defendants have been sentenced to prison from consumer fraud cases the Federal Trade Commission (FTC) has referred to prosecutors the past five years. Indeed, the FTC’s Bureau of Consumer Protection Criminal Liaison Unit (Bureau) highlighted these figures in its recently published Criminal Liaison Unit Report. Notably, this report emphasized the FTC’s growing enforcement concern over the use of deceptive negative option marketing (or dark patterns) and its intended aim to push egregious cases to prosecutors in the future. The Criminal Liaison Unit Report (the Report) is consistent with FTC’s November 4, 2021 Enforcement Policy Statement Regarding Negative Option Marketing, and the Report outlines four key takeaways for companies going forward.
Continue Reading FTC Signals More Criminal Referrals for Negative Option Fraudsters