On February 7, 2020, the California Attorney General’s (AG) Office released modifications to the proposed regulations to the California Consumer Privacy Act (CCPA).  The modifications incorporate amendments to the CCPA signed into law after the AG’s Office issued the proposed regulations in October 2019.  The modifications also reflect public comments made during the initial comment

In this podcast, we discuss the key aspects of the recently-proposed regulations to implement the CCPA, identify issues clarified by the proposal or left unresolved, compliance challenges raised by CCPA requirements for financial incentives and consumer requests received by large businesses, next steps (including the likely timeline for final regulations and enforcement), and activity in

The California Attorney General’s Office released its long-awaited proposed CCPA regulations last week.  The proposed regulations are 24 pages long, and address a number of important technical compliance issues including how businesses should:

  • provide just in time notice to consumers of personal information collected;
  • provide notice to consumers of the right to opt out of

The CCPA takes effect on Jan. 1, 2020.  In this podcast, we take a close look at the CCPA’s coverage and unique features, the scope of its “GLBA exemption,” third party issues, private actions and enforcement remedies, federal privacy law initiatives and the CCPA’s influence on state initiatives, and steps for companies facing CCPA compliance.

Just two days after the Federal Trade Commission (“FTC”) announced a historic settlement of privacy and security claims against Equifax, the FTC today announced that Facebook has agreed to pay $5 billion in civil fines, arising from its violation of a 2012 consent order with the FTC.  According to the FTC, this is the largest

I am pleased to announce that Kim Phan, an attorney noted for her work on privacy and data security issues for a variety of industries, including consumer financial services, retail, and higher education, has returned to Ballard Spahr as a partner after a short absence.  She will be based in the firm’s Washington, D.C. office.

The FTC has proposed amendments to its 2003 Safeguards Rule and 2000 Privacy Rule, applicable to financial institutions under the Gramm Leach Bliley Act (GLBA).  The proposed changes are informed by the FTC’s enforcement experience and are intended to keep pace with technological developments.

The Safeguards Rule requires financial institutions to have a comprehensive information

New proposed legislation in California, backed by state Attorney General (“AG”) Xavier Becerra, would amend the new California Consumer Privacy Act (“CCPA”) to make it easier for private plaintiffs and public officials to sue for violations while further increasing regulatory uncertainty and compliance costs for businesses. Specifically, SB 561 would expand the CCPA’s private right

Less than three months after California passed the California Consumer Privacy Act of 2018 (CCPA), Governor Jerry Brown signed SB 1121 this week, making a number of technical and substantive changes to the law.

Of particular note: SB 1121 modifies the financial institution carve-out language in CCPA section 1798.145(e). While the change is a welcome

California is once again poised to set the standard for privacy and data security by enacting the first state law directed at securing Internet of Things (IoT) devices. The law has passed the state legislature and is awaiting the signature of Governor Jerry Brown. It requires manufacturers of “connected devices” to equip them with “a