Latest Posts
Search for:
Author

Michelle Shin

Browsing
In California Privacy Law

Dark Pattern Prohibitions the Subject of New Enforcement Advisory in California

by and 2 Mins Read

The California Privacy Protection Agency has issued an Enforcement Advisory on the topic of dark patterns. The California Consumer Privacy Act uses the term “dark patterns” to refer generally to user interfaces that subvert or impair consumers’ autonomy, decisionmaking, or choice when asserting their privacy rights or consenting to personal information processing activities. For example, when businesses provide choices to consumers, such as via cookie banners or in privacy preference centers, choices must be clear…

In Advertising & Marketing

Compliance Essentials for Organizing Legal Giveaways, Sweepstakes, and Contests in the U.S.

by , , , and 6 Mins Read

Organizing a giveaway, sweepstakes, contest, or similar promotional event can be an effective way for companies to engage with their audience and boost brand visibility. But navigating the complex legal landscape surrounding these types of promotions in the U.S. and around the world is crucial to avoid potential pitfalls. From ensuring compliance with federal and state regulations to avoiding accusations of illegal gambling, there are numerous considerations that businesses must address to conduct a successful…

In California Privacy Law

Amendments to California’s CMIA Bring Health Data New Requirements

by , and 4 Mins Read

In Brief Various players in the health care industry are or will soon be subject to new requirements relating to sexual and reproductive health data under a pair of bills passed last year amending the California Confidentiality of Medical Information Act (the “CMIA”). Many of the central provisions of bills AB 254 and AB 352, which were both signed into law by Governor Gavin Newsom in September 2023, came into effect on January 1, 2024.…

In California Privacy Law

More Guidance, More Privacy Notices, Are You Drafting Yours for Washington?

by and 2 Mins Read

Organizations subject to the Washington State My Health My Data Act (generally any organization with physical premises in Washington, and many organizations without it) are preparing for compliance by March 31, 2024. And should, in addition to the overall compliance requirements and immediate action items, be aware that the Washington Attorney General updated its guidance on the requirements for a consumer health privacy policy. Section 4(1)(b) of the My Health My Data Act explicitly provides…

In California Privacy Law

Nevada and Washington Consumer Health Privacy Laws Operative in March – Top 6 Things To Do Now

by and 5 Mins Read

If your organization does business across the U.S. and collects consumer health data (broadly defined, health inferences generated from non-health data count), compliance with U.S. state consumer health privacy laws is just around the corner. Consumer health privacy laws in Nevada (Senate Bill 370) and Washington (the My Health My Data Act) become fully operative for regulated entities on March 31, 2024. Requirements specific to consumer health data are already operative in Connecticut. Here are…

In California Privacy Law

The Data Market in California faces another blow as data brokers will be subject to additional obligations under the streamlined deletion mechanism for California consumers

by , , , , , and 3 Mins Read

If you are a data broker or a business that relies on data brokers for targeted advertising, you should be aware that the California Data Broker Law will be significantly changed under the California Delete Act On October 10, 2023, California Governor, Gavin Newsom, signed Senate Bill 362, referred to as the Delete Act, into law. The Delete Act amends existing data broker laws to subject all data brokers to new registration and disclosure requirements…

In California Privacy Law

Senate Bill 362 to Amend California Data Broker Law

by , , and 3 Mins Read

If you are a data broker or a business that relies on data brokers for targeted advertising, you should be aware that the California Data Broker Law may be significantly changed under a proposed bill. Under Senate Bill 362, the California Privacy Protection Agency (CPPA) would be required to set up, by January 1, 2026, an accessible deletion mechanism where consumers could request deletion via the CPPA that all data brokers then have to honor.…

In California Privacy Law

In the Emerging Patchwork of US State Consumer Health Privacy Laws: Understanding and Complying with California’s Confidentiality of Medical Information Act

by , and 5 Mins Read

So far this year, three US states have passed laws with specific obligations related to consumer health privacy law: Washington, Connecticut, and Nevada. When it comes to California, the omnibus California Consumer Privacy Act (CCPA) applies also to the processing of health information. But, if the sectoral Confidentiality of Medical Information Act (CMIA) applies and is complied with, CMIA, and not the CCPA, applies. Most companies that do business in California are subject to CMIA,…

In California Privacy Law

Iowa Consumer Data Protection Act takes effect in 2025

by , , and 9 Mins Read

Companies around the world should start preparing for the Iowa Consumer Data Protection Act (Iowa Act) with respect to personal data of consumers in Iowa. With the Iowa Act, Iowa follows the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (CCPA), but excludes consumers acting in a commercial or employment context. Businesses that have implemented measures to comply with the CCPA and other US state privacy laws…

Load More