Keypoint: New York City issued final regulations on the use of automated employment decision tools by employers, with enforcement to begin on July 5, 2023.

The New York City Department of Consumer and Worker Protection (DCWP) adopted its Final Rule to implement Local Law 144, which regulates the use of “automated employment decision tools” (AEDTs) to screen applicants or employees in the city. The DCWP also announced that it will begin enforcing the law on July 5, 2023.

Continue Reading NYC Finalizes Regulations on AI Employment Tools and Will Begin Enforcement on July 5, 2023

Keypoint: With a private right of action, broad applicability to businesses of all sizes and types, a scope that is broader than its name suggests, and strong consent-based requirements and privacy rights, the Washington My Health My Data Act will be a transformative privacy law for the United States.

On April 17, 2023, the Washington legislature passed the My Health My Data Act (MHMD) (HB 1155). The bill now heads to the Washington Governor who can sign it, veto it, or allow the bill to become law without signature.

We have been tracking MHMD since it was first introduced in early January, provided a detailed analysis of the bill after it first passed the House in mid-March, and discussed its definition of “consumer health data” and private right of action in our April 10 weekly post. In the below post, we add to our analysis by providing five key takeaways about MHMD.

Continue Reading Washington Legislature Passes My Health My Data Act

Keypoint: Last week the Indiana legislature passed a consumer data privacy bill.

Below is the fourteenth weekly update on the status of proposed state privacy legislation in 2023. Before we get to our update, we wanted to provide two reminders.

First, we are regularly updating our 2023 State Privacy Law Tracker, 2023 State Children’s Privacy Law Tracker, and 2023 State Biometric Privacy Law Tracker. We encourage you to bookmark the pages for easy reference.

Second, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following on LinkedIn and/or Twitter.

Continue Reading Proposed State Privacy Law Update: April 17, 2023

Keypoint: The Indiana legislature is the seventh state legislature to pass consumer data privacy legislation.

On April 13, 2023, the Indiana legislature passed SB 5. The bill largely tracks the Virginia Consumer Data Protection Act (VCDPA) with some limited variations.

The Senate originally passed the bill by a vote of 49-0 on February 9, 2023. The House passed an amended version of the bill by a vote of 98-0 on April 11, 2023. On April 13, 2023, the Senate concurred in the House amendments. Pending any remaining procedural hurdles, the bill will be sent to Indiana Governor Eric Holcomb in the coming days.

In the below post, we provide a summary of some of the bill’s unique provisions. Click here for a more detailed comparison of the Indiana bill against the six existing state privacy laws.

Continue Reading Indiana Legislature Passes Consumer Data Privacy Bill

Keypoint: Last week the Washington Senate passed the My Health My Data Act, the Arkansas legislature passed the Social Media Safety Act, and the Texas House passed the Texas Data Privacy and Security Act.

Below is the thirteenth weekly update on the status of proposed state privacy legislation in 2023. Before we get to our update, we wanted to provide two reminders.

First, we are regularly updating our 2023 State Privacy Law Tracker, 2023 State Children’s Privacy Law Tracker, and 2023 State Biometric Privacy Law Tracker. We encourage you to bookmark the pages for easy reference.

Second, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following on LinkedIn and/or Twitter.

Continue Reading Proposed State Privacy Law Update: April 10, 2023

Keypoint: In March 2023, more California courts tackled motions to dismiss claims that chat features violate wiretapping laws while Georgia and Minnesota courts weighed in on VPPA claims.

This is the first of our monthly data privacy litigation reports to provide updates on how courts have handled emerging data privacy tends in the past month. In this post we look at developments in lawsuits relating to chat wiretap claims, session replay claims, VPPA claims, and BIPA claims. (If any of these case theories are new to you, be sure to check out the “Overview” section below.) There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out.

The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.

Continue Reading U.S. Privacy Litigation Update: March 2023

Last week the Iowa Governor signed the Iowa Privacy Act into law, social media bills were voted out of the Arkansas Senate and a New Jersey Assembly committee, an amended version of Florida’s consumer privacy bill advanced out of a subcommittee, and Connecticut’s health and children’s privacy bill was voted out of a committee.

Below is the twelfth weekly update on the status of proposed state privacy legislation in 2023. Before we get to our update, we wanted to provide two reminders.

First, we are regularly updating our 2023 State Privacy Law Tracker, 2023 State Children’s Privacy Law Tracker, and 2023 State Biometric Privacy Law Tracker. We encourage you to bookmark the pages for easy reference.

Second, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following on LinkedIn and/or Twitter.

Continue Reading Proposed State Privacy Law Update: April 3, 2023

Keypoint: The Office of Administrative Law’s approval of the CCPA regulations ends a months-long rulemaking process that began in September 2021.

On March 30, 2023, the California Privacy Protection Agency (Agency) announced that the California Office of Administrative Law (OAL) approved the Agency’s first substantive CCPA rulemaking package. The approved regulations, which are immediately effective, can be enforced beginning July 1, 2023.

Continue Reading California OAL Approves CCPA Regulations

In the nineteenth episode of our Legislating Data Privacy podcast series, we talk with Texas Representative Giovanni Capriglione.

Representative Capriglione is the primary author of the Texas Data Privacy and Security Act (House Bill 4). During this interview, Representative Capriglione discusses the background of drafting the bill, the bill’s provisions (including its unique takes on some familiar concepts), and the potential path for passage.

Click here or below to listen to the full interview.

Keypoint: Last week the Maryland House passed a children’s privacy bill, the Utah Governor signed two social media bills, the Washington My Health My Data Act continued to progress, and committees in Texas and Tennessee advanced consumer privacy bills.

Below is the eleventh weekly update on the status of proposed state privacy legislation in 2023. Before we get to our update, we wanted to provide two reminders.

First, we are regularly updating our 2023 State Privacy Law Tracker, 2023 State Children’s Privacy Law Tracker, and 2023 State Biometric Privacy Law Tracker. We encourage you to bookmark the pages for easy reference.

Second, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following on LinkedIn and/or Twitter.

Continue Reading Proposed State Privacy Law Update: March 27, 2023