In the two years since the Dobbs v. Jackson Women’s Health decision from the Supreme Court, state legislatures and courts have attempted to define the new post-Roe landscape in health care. That effort includes actions by states to enact health data privacy laws or to amend existing privacy laws to protect consumer health data

Please click here to access the source post from our Global Regulatory Enforcement Law Blog.

In this blog, the authors delve into a significant decision by the German Federal Cartel Office (FCO) four years ago, accusing a major technology company of abusive behavior due to alleged violations of the General Data Protection Regulation (GDPR). Recently

Almost 20 million Americans — 8 percent of the U.S. population — are blind or have visual impairments. Accordingly, organizations and businesses in nearly every industry stand to benefit from the use of vision related accessibility tools, which can increase employee productivity and provide a more inclusive user experience. To address this need, M365 incorporates a slew of tools and features – such as screen readers, text-to-speech, and color filters – that make it easier for end users with visual impairments to access, use, and benefit from M365 products. However, because these tools may collect and store user data in ways that may not be immediately apparent, businesses employing them must remain cognizant of the potential downstream risks associated with their use. Listen to our latest Tech Law Talks podcast episode, M365 accessibility: Vision-specific tools, as we discuss.Continue Reading M365 Accessibility: Considerations and Risks Associated with Vision Related Tools

With increased digitization of business processes and services affecting all industries and enterprises, the need for accessible digital tools continues to grow. Indeed, 26% of adults living in the United States have some type of disability, highlighting the crucial role accessibility tools serve in ensuring an inclusive digital environment.  Furthermore, in certain instances, the implementation of accessibility best practices may be legally required. We discuss these issues in our most recent Tech Law Talks podcast.Continue Reading Digital Accessibility: Legal & Practical Issues to Consider

In Q1 2022, the UK’s Information Commissioner’s Office (ICO) issued 26 enforcement actions. There were 15 monetary penalties issued, ranging between £2k – £200k, and 11 enforcement notices. The majority of the fines and enforcement notices related to unsolicited marketing activities, two related to data subject rights infringements, and one related to a failure to ensure adequate security around personal data. The last related to a ransomware attack and despite the controller being subjected to a malicious cybercrime, it was penalised for a failure to address known vulnerabilities and to prevent the ransomware attack in time.Continue Reading ICO enforcement actions in Q1 2022

On March 8th, the Children’s Advertising Review Unit (“CARU”), a FTC-approved safe harbor organization that monitors compliance with the Children’s Online Privacy Protection Act (“COPPA”), announced it had found TickTalkTickTalk––a children’s smart watchmaker and one of CARU’s member organizations—in violation of COPPA and CARU’s privacy guidelines.
Continue Reading Kids’ Smart Watchmaker Updates Privacy Practices at Safe Harbor’s Direction

In the latest edition of the IAPP Privacy Advisor, Divonne Smoyer and Roger Gibboni talk with Iowa Attorney General (AG) Tom Miller on the latest issues surrounding emerging technology, data privacy and consumer protection. As the longest serving state AG in U.S. history and the President of the National Association of Attorneys General, AG Miller

The Attorney General Alliance and the Colorado Department of Law’s recent symposium “Colorado Privacy Act: Rights, Obligations, and Next Steps” demonstrates a continued commitment by various state attorneys general to influence and enforce data privacy policies. The panel discussions focused on the Colorado Privacy Act (CPA), one of only three comprehensive data privacy laws in

In response to recent cybersecurity incidents, the Federal Energy Regulatory Commission (FERC) has announced a Notice of Proposed Rulemaking (NOPR) that would task the North American Electric Reliability Corporation (NERC) to impose additional cybersecurity requirements on high-, medium-, and, potentially, low-impact bulk electric systems in its Critical Infrastructure Protection (CIP) Reliability Standards.
Continue Reading Additional cybersecurity measure proposed for CIP Reliability Standards

In a recent Q&A conducted by Divonne Smoyer and Karen Lee Lust with Connecticut Attorney General (AG) William Tong published in the IAPP Privacy Advisor, the AG discusses how he has continued Connecticut’s role as a privacy leader among the states, partnering with the U.S. Federal Trade Commission on data privacy-related matters and other compliance