Keypoint: The comments focus on identifying areas in which the Attorney General’s Office may provide additional clarity to consumers and businesses and to ensure, where appropriate, the interoperability of the Colorado Privacy Act with state and international privacy laws.

The Colorado Attorney General’s Office is currently accepting pre-rulemaking input on the Colorado Privacy Act (CPA). It also will host public listening sessions on June 22  and June 28 for those interested in providing oral comments.

Given the importance of these forthcoming regulations to the development of U.S. privacy law, members of Husch Blackwell’s data privacy practice submitted extensive comments to the Office. The purpose of the comments is to identify areas in which the Office may provide additional clarity to consumers and businesses and to ensure, where appropriate, the interoperability of the CPA with other state privacy laws enacted in California, Connecticut, Utah, and Virginia and international privacy laws such as GDPR.

Continue Reading Husch Blackwell Submits Comments on Colorado Privacy Act Pre-Rulemaking

Keypoint: The chances for the United States to finally enact a federal privacy bill appear to have increased with the circulation of a bipartisan discussion draft although its chances for passage are far from clear.

On Friday, June 3, House and Senate leaders released a bipartisan discussion draft of a comprehensive data privacy bill called the American Data Privacy and Protection Act (ADPPA). Although there have been many federal privacy bills introduced in the past, this discussion draft is gaining widespread attention because of its timing, bipartisan support, and the fact that it reaches compromise positions on state law preemption and enforcement (the two primary obstacles for passing a federal privacy law).

In the below article, we first discuss the background of the discussion draft, including its chances for passage. We then provide a list of high-level takeaways.

Continue Reading Bipartisan U.S. Federal Privacy Bill Circulated

On May 27, 2022, the California Privacy Protection Agency issued draft regulations in connection with a Board meeting scheduled for June 8, 2022.

On June 9, 2022, members of Husch Blackwell’s data privacy team will host a webinar to analyze the draft regulations and how they will impact your CPRA compliance efforts. During the webinar, we will:

  • Review the draft regulations
  • Compare the draft regulations to the existing CCPA regulations
  • Analyze how the draft regulations interact with other state privacy laws in Colorado, Connecticut, Virginia and Utah

Click here for more information and to register.

Keypoint: The California Privacy Protection Agency issued a first set of draft regulations that contain a number of notable provisions but do not address all of the CPRA’s rulemaking topics.

On Friday, May 27, 2022, the California Privacy Protection Agency (CPPA or Agency) issued draft regulations in connection with a Board meeting scheduled for June 8, 2022.

In the below post, we provide high-level takeaways from the draft regulations, discuss the rulemaking timeframe, and provide a summary of some of the more notable provisions.

Continue Reading CPRA Draft Regulations Issued

Keypoint: Last week, the FTC signaled an increased focus on COPPA enforcement, targeting education technology companies while California and federal lawmakers consider enacting new laws to regulate the processing of children’s data.

Over the past few months there has been a growing bipartisan consensus among lawmakers and regulators of the need for increased regulation around the processing of children’s data. In a sign of the significance of the issue, President Biden specifically addressed children’s data privacy in his State of the Union Address. As discussed below, recent actions by the Federal Trade Commission (the “Commission”) and lawmakers signal that companies processing children’s data should expect to see increased scrutiny.

Continue Reading U.S. Children’s Privacy Law Update

Keypoint: This week the Connecticut Data Privacy Act was signed by the Governor, making Connecticut the fifth state to pass consumer data privacy legislation.

Below is our eighteenth – and final – weekly update on the status of proposed state privacy legislation in 2022. With the legislatures in many states now adjourned for the year, we are concluding our weekly updates.

That said, as discussed below, there are still a handful of bills pending in states such as Delaware, Louisiana, Pennsylvania, and California. We will continue tracking those bills through posts on LinkedIn and Twitter. Please consider friending or following to stay up to date.

Continue Reading Proposed State Privacy Law Update: May 16, 2022

In the fourteenth episode of our Legislating Data Privacy podcast series, we talk with Colorado Attorney General Phil Weiser.

Over the next year, the Colorado Attorney General’s office will play a significant role in the development of state privacy law through Colorado Privacy Act (CPA) rulemaking.

Continue Reading Legislating Data Privacy Series: A Conversation with Colorado Attorney General Phil Weiser

State Privacy Law UpdateKeypoint: This week the Delaware House passed a data broker bill, the Connecticut Data Privacy Act was sent to the Governor, Louisiana scheduled a hearing on its bill, and the Hawaii legislature closed without passing a bill.

Below is our seventeenth weekly update on the status of proposed state privacy legislation in 2022. Before we get to our update, we wanted to provide two reminders.

First, we regularly update our 2022 State Privacy Law Tracker to keep pace with the latest developments with CCPA-like privacy bills. We encourage you to bookmark the page for easy reference.

Second, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following on LinkedIn and/or Twitter.

Continue Reading Proposed State Privacy Law Update: May 9, 2022

Keypoint: As of May 7, 2022, New York employers that monitor or intercept employee emails, internet usage, or telephone communications must provide written notice to those employees.

On May 7, 2022, an amendment to the New York Civil Rights Act goes into effect that requires private employers with places of business anywhere in the state to provide employees a written notice if the employer monitors or intercepts employee emails, internet access or usage, or telephone conversations. The written notice must communicate that “any and all telephone conversations or transmissions, electronic mail or transmissions, or internet access or usage by an employee by any electronic device or system . . . may be subject to monitoring at any and all times by any lawful means.”

Continue Reading New York Employee Monitoring Law Goes Into Effect May 7, 2022

In the thirteenth episode of our Legislating Data Privacy podcast series, we talk with Kentucky Republican Senator Whitney Westerfield.

Senator Westerfield is the author of Senate Bill 15, which would have granted Kentucky residents various privacy rights regarding their personal data. Senator Westerfield’s bill was, in many respects, stronger than other bills proposed in 2022, drawing inspiration from GDPR and containing a private right of action.

In this episode, Senator Westerfield discusses SB 15’s interesting path during the 2022 legislative session and his goals for the bill in the 2023 session. Kentucky will be a state to watch in 2023.

Click here to listen to the full interview.