Universal Opt-Out Mechanisms

Privacy compliance has entered a new phase—one defined not only by high-profile enforcement actions but by the growing expectation that organizations implement and maintain mature information governance programs capable of validating true, system-level technical compliance rather than merely projecting the appearance of it.  A spate of recent California enforcement actions makes clear that companies must be prepared to validate how privacy control’s function, including across systems, platforms, and data flows, making thoughtful, system-oriented self-assessment an increasingly important tool for aligning policy commitments with operational reality—before regulators do it for them.  SPB helps client’s self-access, identify gaps and remediate issues under the cloak of privilege.

Continue Reading CalPrivacy Update: Shifting to Structural Compliance and Auditing

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

State Privacy Enforcement Updates: CPPA Extracts Civil Penalties in Landmark Case; State Regulators Form Consortium for Privacy Enforcement Collaboration |

Companies in all industries take note: regulators are scrutinizing how companies offer and manage privacy rights requests and looking into the nature of vendor processing in connection with application of those requests. This includes applying the proper verification standards and how cookies are managed. Last month, the California Privacy Protection Agency (“CPPA” or “Agency”) provided

In February of last year, Privacy World reported on the Federal Communications Commission’s (“FCC” or “Commission”) clarification and codification of its Telephone Consumer Protection Act (TCPA) consent rules (“Revocation Order”). Among other things, the agency confirmed that consent to receive autodialed calls and texts could be revoked by “any reasonable means” and included specific examples of such of such methods.

Continue Reading FCC Approved Limited, One Year Waiver of Key Element of New TCPA Consent Revocation Rules

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Continue Reading Privacy World Week in Review

At its February 19, 2024 Open Meeting, the Federal Communications Commission (“FCC”) adopted an array of changes and codifications to its Telephone Consumer Protection Act (“TCPA”) rules to “strengthen consumers’ ability to revoke consent” to receive robocalls and texts after deciding that they no longer want them. The agency’s Report and Order and Further Notice of Proposed Rulemaking (Order) is designed to make consent revocation “simple and easy” and adopts requirements “for callers and texters to implement revocation requests in a timely manner.”

Continue Reading FCC Clarifies and Codifies TCPA Consent Revocation Rules

On January 8, New Jersey’s General Assembly and Senate passed a consumer privacy bill, S332, which would grant New Jersey residents several rights, and obligate controllers and processors of New Jersey residents to take action. The law is similar to consumer privacy laws passed last year in other states, with some distinctions.

Note: