On August 24, 2022, California Attorney General Rob Bonta announced the Office of the Attorney General’s (“OAG’s”) first settlement of a California Consumer Privacy Act (“CCPA”) enforcement action, against Sephora, Inc.
Continue Reading First CCPA Enforcement Action Settlement Announced by California AG

Recently, the Governor of California signed the California Consumer Privacy Act of 2018. The Act introduces key privacy requirements for businesses, and was passed quickly by California lawmakers in an effort to remove a ballot initiative of the same name from the November 6, 2018, statewide ballot.
Continue Reading California Consumer Privacy Act Signed, Introduces Key Privacy Requirements for Businesses

On January 8, 2018, the FTC announced an agreement with an electronic toy manufacturer, settling charges that VTech violated COPPA by collecting personal information from hundreds of thousands of children without providing direct notice or obtaining their parent’s consent, and failing to take reasonable steps to secure the data it collected.
Continue Reading FTC Settles First Children’s Privacy Case Involving Connected Toys

On August 15, 2017, the FTC announced that it had reached a settlement with Uber, Inc., over allegations that the ride-sharing company had made deceptive data privacy and security representations to its consumers. Under the terms of the settlement, Uber has agreed to implement a comprehensive privacy program and undergo regular, independent privacy audits for the next 20 years.
Continue Reading Uber Settles FTC Data Privacy and Security Allegations

In a video roundtable series, Hunton & Williams LLP partners Lisa J. Sotto and Steven M. Haas and special counsel Allen C. Goolsby, along with Stroz Friedberg’s co-president Eric M. Friedberg and Lee Pacchia of Mimesis Law, discuss the special consideration that should be given to privacy and cybersecurity risks in corporate transactions. This blog post contains links to the first two segments of the videos.
Continue Reading Privacy and Data Security Risks in M&A Transactions: Video Series

On July 21, 2017, New Jersey Governor Chris Christie signed a bill that places new restrictions on the collection and use of personal information by retail establishments for certain purposes. The statute, which is called the Personal Information and Privacy Protection Act, permits retail establishments in New Jersey to scan a person’s driver’s license or other state-issued identification card only for eight purposes.
Continue Reading New Jersey Shopper Privacy Bill Signed into Law