Gicel Tomimbang

CPW’s Ericka Johnson and Gicel Tomimbang will be the featured speakers at ISSA (Information Systems Security Association) Los Angeles chapter’s June in-person meeting focused on latest cyber threats to national security.  The Biden administration has identified cybersecurity as a national and economic security focus, and has implemented new regulations, expanded existing authorities, and

The California Privacy Protection Agency (“CPPA” or “Agency”) hosted its first public meeting yesterday following publication of the first draft of proposed regulations (“Regs”) (on May 27) and the initial statement of reasons (“ISOR”) on June 3. Immediately below, we summarize highlights of the meeting held by the CPPA, including taking a further step towards

Last week, the Federal Trade Commission (“FTC”) held an open meeting focused on issues related to children’s privacy and those pertaining to the use of endorsements and testimonials in advertising. In the meeting, the FTC adopted a new policy statement targeting data collection practices in educational technology. Further, the FTC proposed amendments to the Guides Concerning the Use of Endorsements and Testimonials in Advertising (“Endorsement Guides”) which would target child-directed marketing. Of note, one of the amendments would recognize that children may react to advertising practices differently than adults and thus advertising practices directed towards children may be treated differently by the FTC compared to those practices directed towards adults.
Continue Reading FTC Targets Children’s Privacy and Stealth Advertising Directed at Children

The California Privacy Protection Agency (“CPPA”) will host its next public meeting on Thursday, May 26, 2022 at 11AM PT. Members of the public may attend in person or virtually by following these instructions. CPPA Director Ashkan Soltani will provide an update on the CPPA’s hiring, budget, and rulemaking activities.  Importantly, subcommittees will provide

The Federal Trade Commission (“FTC”) announced its next open meeting will focus on issues related to children’s privacy and those pertaining to the use of endorsements and testimonials in advertising.
Continue Reading FTC to Discuss Children’s Privacy, Endorsement Guides at Next (Virtual) Open Commission Meeting: May 19, 2022, 1PM ET

Google announced it will be rolling out a “Data Safety” section for apps listed on its app marketplace, Google Play, similar to Apple’s Privacy Nutrition Labels. The Data Safety section will provide consumers with a summary of an app’s privacy and security practices, including but not limited to what user data an app “collects” or “shares”. App developers (“Developers”) must complete the Data Safety form by July 20, 2022. Notably, Google has not implemented a tracking opt-in, like Apple Tracking Transparency, in association with the Data Safety initiative. As your app’s Data Safety disclosure will serve as a de facto additional privacy notice of your organization, development and product teams should consult with the legal/privacy counsel as they populate the information. Below, we provide high-level instructions on populating the Data Safety Form (“Form”) and additional Google privacy requirements. If you are interested in further information on this topic, we have detailed guidance on Google Data Safety, as well as Apple’s Privacy Nutrition Labels and App Tracking Transparency requirements, including detailed instructions on how to complete the forms (with screenshots), available for a fixed fee.  
Continue Reading Google to Require Apps to Display “Data Safety” Information by July 20, 2022

Indiana passed HB 1351 in March 2022, amending Indiana’s data breach notification law. Indiana’s breach notification law, as currently drafted, requires entities to notify Indiana residents and the Indiana Attorney General of a breach of the security of data without unreasonable delay and consistent with any measures necessary to determine the scope of the breach

Connecticut is gearing up to be the next state with a comprehensive privacy law. On April 28, 2022, the Connecticut General Assembly passed SB 6, “An Act Concerning Personal Data Privacy and Online Monitoring,” which is currently with the governor awaiting signature.  Of the state laws that have passed, SB 6 is most similar to the Colorado Privacy Act (“CPA”), Virginia Consumer Data Protection Act (“CDPA”), and Utah Consumer Privacy Act (“UCPA”). For example, under SB 6, the terms “controller,” “processor,” and “personal data” have similar definitions as under the CPA, CDPA, and UCPA.
Continue Reading Connecticut General Assembly Passes Comprehensive Privacy Bill

Members of the globally recognized Squire Patton Boggs (US) LLP’s Data Privacy, Cybersecurity & Digital Assets Practice gathered in Washington, DC, to participate in person at the IAPP Global Privacy Summit (“GPS 2022”). The Practice has experienced tremendous growth in the past twelve months under the leadership of Alan Friel. The full contingency of

The Utah Consumer Privacy Act (“UCPA”) was signed into law by Governor Spencer J. Cox yesterday. CPW has been tracking the UCPA’s progress throughout this legislative session.

Effective Date

December 31, 2023.

Applicability

In comparison to other state laws, the UCPA’s applicability thresholds are more stringent, requiring controllers or processors to meet three prongs:

  1. Do