Privacy Plus+ News
Stay informed with our latest insights on privacy and technology trends, along with key updates from our firm.
The Rise of UOOMs
This week, let’s focus on Universal Opt-Out Mechanisms (UOOMs), like the Global Privacy Control and highlight several related state privacy laws (California, Colorado, and Connecticut).
FTC Boldly Moves into a New Era of Data Minimization and Retention
This week, let’s look at how the Federal Trade Commission has placed its focus on data minimization and retention, and consider whether this could be an inflection point in data privacy regulation.
Ed Tech Privacy and Security Alert: FTC Obtains a New Consent Order against Edmodo
This week, let’s look at the latest consent order secured by the FTC against Ed Tech provider Edmodo for its collection and use of children’s personal information. Companies in the Ed Tech sector, and vigilant parents and educators should pay close attention.
“Data Provenance”: Navigating Ownership, Authenticity, and Rights in the Digital Age
This week, let’s examine “Data Provenance,” a concept that involves tracing the lineage of data — its origins, transformations, and ownership. We’ll also propose a new specialized application for “Data Provenance:” regulating the privacy of personal data.
E.U. and U.S. Have Agreed to A New Data Privacy Framework - What’s Old is New Again
This week, let’s look at the new self-certification procedure in the Data Privacy Framework facilitating the transfer of personal data from the European Union to the United States.
FTC Charges Genetic Testing Company 1Health.io with Privacy and Security Failures
This week, let’s consider the case against 1Health.io. It’s the latest FTC privacy enforcement action, and it is the first case focused on the privacy and security of genetic information.
Texas Data Privacy and Security Act
The Texas Data and Privacy Security Act is the latest comprehensive state privacy bill to be signed into law. Here, we’re summarizing it.
US Intelligence Community Is Buying “Commercially Available” Surveillance Data – What are the Implications?
This week, let’s consider a recently-declassified report issued by the Office of the Director of National Intelligence on the Intelligence Community’s purchase and use of sensitive “Commercially Available Information.”
Janus - Use of Facial Recognition Expanded by the TSA
This week, let’s consider the Janus-faced tension between privacy and security as the TSA expands its use of facial recognition technologies in airports (while keeping its privacy policy far from a model of completeness).
When Atlas Shrugs – FTC Faults Amazon for Alexa and Ring
This week, let’s highlight the latest privacy enforcement actions by the Federal Trade Commission — two cases against Amazon; and also discuss the developing trend of holding company executives directly responsible for data protection.
The Implications of Varying "Opt-in" and "Opt-out" Requirements in New State Privacy Laws
This week, let’s examine a surprising topic: the variations among new state privacy laws regarding the obligations for "opt-in" and "opt-out" consent.
The State-by-State of Data Privacy Laws
This week, let’s consider the worldwide privacy landscape and the consequences of having a kaleidoscope of varying state privacy regulations.
All the Talk About Chat-GPT
This week, let’s talk about Chat-GPT as Italy’s Data Protection Authority blocks it and Elon Musk and others call for freeze amidst warnings related to privacy and the existential risk posed by too-powerful AI.
Mental Health Data is For Sale
This week, let's consider banning the sale of mental health data in light of a new study published by Duke, and actions by the FTC against BetterHelp (for sharing mental health data with Facebook and others targeted advertisers) and Kochava (for selling sensitive geolocation information).
Section 702, the Supreme Court, the European Parliament, and Congress
This week, we invoke Sherlock Holmes while discussing the latest news regarding Section 702 of the National Security Act, the GDPR and cross-border data transfers.
Managing AI Risk: NIST Framework and ISO Guidance Announced
This week, let’s highlight the new risk management framework and guidance respectively published by NIST and ISO.
Bad Privacy Practices at GoodRx?
This week, let’s look at a new Consent Decree required by FTC and consider its prohibition of disclosure of health information for advertising purposes, along with the FTC’s expanding privacy enforcement and continued rumblings inside the Commission.
“It’s Turtles All the Way Down” - FTC Focuses on AWS Security
This week, let’s look at a recent FTC Consent Order, then consider what lessons can be drawn about using AWS. We’ll also explain how IT infrastructure fits the turtle metaphor featured in the title of this post.
HM in DBA Headnotes Discussing Uber CSO’s Criminal Conviction
Was Uber’s Chief Security Officer a villain or a scapegoat? And how should companies respond to the news of his criminal conviction? HM attorneys discuss in this month’s Headnotes for the Dallas Bar Association.
European Data Protection Authorities Set Sites on Microsoft 365
This week, let’s consider European DPAs published privacy concerns about Microsoft 365, and related risks associated with workforce productivity suites.