Abstract The recently introduced American Privacy Rights Act (APRA) represents the latest attempt to pass a comprehensive federal privacy law in the US that would govern privacy generally across the country. The draft bill proposes novel compromises on controversial topics such as federal preemption and rights of private action, which need refinement and will likely be changed in the legislative process. The attempt to cover not-for-profit entities without accounting for their different purposes seems ill…
Organizing a giveaway, sweepstakes, contest, or similar promotional event can be an effective way for companies to engage with their audience and boost brand visibility. But navigating the complex legal landscape surrounding these types of promotions in the U.S. and around the world is crucial to avoid potential pitfalls. From ensuring compliance with federal and state regulations to avoiding accusations of illegal gambling, there are numerous considerations that businesses must address to conduct a successful…
28 January 2024 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. Data Privacy Day encourages the global community to think about the importance of respecting privacy, safeguarding data, and enabling trust. In an increasingly connected and digitized world, where data protection, privacy and cybersecurity regulation are rapidly evolving, the work of the global data community is more vital, and more challenging,…
On October 30, 2023, President Biden issued a 63-page Executive Order to define the trajectory of artificial intelligence adoption, governance and usage within the United States government. The Executive Order outlines eight guiding principles and priorities for US federal agencies to adhere to as they adopt, govern and use AI. While safety and security are predictably high on the list, so too is a desire to make America a leader in the AI industry including…
In brief On October 8, 2023, California Governor Gavin Newsom signed two bills into law amending the California Consumer Privacy Act (CCPA). AB 947 classifies citizenship and immigration status as “sensitive personal information” subject to special protections under the CCPA, while AB 1194 strengthens reproductive privacy rights. Both bills carried the unanimous endorsement of the California Privacy Protection Agency. Details for each bill are described below followed by actionable guidance businesses can take to prepare…
If you are a data broker or a business that relies on data brokers for targeted advertising, you should be aware that the California Data Broker Law will be significantly changed under the California Delete Act On October 10, 2023, California Governor, Gavin Newsom, signed Senate Bill 362, referred to as the Delete Act, into law. The Delete Act amends existing data broker laws to subject all data brokers to new registration and disclosure requirements…
If you are a data broker or a business that relies on data brokers for targeted advertising, you should be aware that the California Data Broker Law may be significantly changed under a proposed bill. Under Senate Bill 362, the California Privacy Protection Agency (CPPA) would be required to set up, by January 1, 2026, an accessible deletion mechanism where consumers could request deletion via the CPPA that all data brokers then have to honor.…
Just a few weeks after California Attorney General Bonta announced an investigative sweep through inquiry letters sent to California employers, today the California Privacy Protection Agency (CPPA) announced a California Consumer Privacy Act (CCPA) review of data privacy practices by connected vehicle manufacturers and related technologies, focusing on embedded features including “location sharing, web-based entertainment, smartphone integration, and cameras,” because “vehicles often automatically gather consumers’ locations, personal preferences, and details about their daily lives.” In…
So far this year, three US states have passed laws with specific obligations related to consumer health privacy law: Washington, Connecticut, and Nevada. When it comes to California, the omnibus California Consumer Privacy Act (CCPA) applies also to the processing of health information. But, if the sectoral Confidentiality of Medical Information Act (CMIA) applies and is complied with, CMIA, and not the CCPA, applies. Most companies that do business in California are subject to CMIA,…
Baker McKenzie recently hosted a roundtable discussion focused on Online Safety and Privacy for Children and Teenagers, led by Elizabeth Denham CBE, former UK Information Commissioner and consultant to our Toronto and London offices, and our California privacy and consumer protection partners Lothar Determann and Jonathan Tam. The session covered online youth protection laws and the perceived issues they’re intended to address, including protecting kids’ and teens’ mental health; the appropriateness of online materials and…