Inside Privacy

Website: https://www.insideprivacy.com/
Follow:

Latest from Inside Privacy - Page 2

On May 26, 2026, the Cybersecurity & Infrastructure Security Agency (“CISA”), announced a revised schedule of virtual town halls as part of its rulemaking implementing the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”).  These town halls were initially scheduled for March and April 2026 but were delayed by the lapse in funding

On May 13, 2026, the Federal Trade Commission (“FTC”) announced that Shutterstock, Inc. had agreed to a $35 million settlement resolving allegations that the company engaged in unfair and deceptive subscription practices. The FTC asserted claims under Section 5 of the FTC Act and the Restore Online Shoppers’ Confidence Act (“ROSCA”), alleging that Shutterstock charged

On 7 May 2026, negotiators from the Council of the European Union, the European Parliament, and the European Commission reached a provisional agreement on the terms of the Digital Omnibus on AI, marking the first set of amendments to the EU AI Act since its adoption in June 2024. The final package of amendments reflects

On April 17, 2026, the Italian data protection authority (the “Garante”) published Provision No. 284 setting out guidelines on the use of “tracking pixels” in emails (the “Guidelines”). This publication closely follows the recommendation issued by the French data protection authority on the same topic, which is discussed in a separate blog post available here

The European Commission has set a clear timeline for rolling out age verification across the EU:

  • by June 30, 2026, Member States are encouraged to submit implementation plans; and
  • by December 31, 2026, at least one EU‑compliant age verification solution should be available in each Member State.

This timeline, set out in the Commission’s (non-binding)

On 29 April 2026, the UK Information Commissioner’s Office (“ICO”) updated its guidance on the use of storage and access technologies (i.e., cookies and other technologies that store or access information stored on users’ devices) under Regulation 6 of the Privacy and Electronic Communications Regulations 2003 (“PECR”). These updates follow on the heels of two

On April 27, 2026, District of Columbia Attorney General Brian L. Schwalb filed a complaint against Mid‑America Apartment Communities, Inc., and its subsidiaries (collectively, “MAA”) alleging that the landlord charged illegal fees and misled prospective tenants about the true cost of rent. This action is the latest example of state and federal enforcement scrutiny of

On April 14, 2026, the FTC announced three settlements and issued closing letters to two additional companies concerning “Made in America,” “Made in the USA,” and similar U.S.‑origin claims (collectively, “MUSA claims”).  These actions reflect the FTC’s continued focus on MUSA claims and, more broadly, the Trump administration’s focus on American manufacturing and related claims

On 31 March 2026, the UK’s Information Commissioner’s Office (“ICO”) launched a public consultation on draft updated guidance on automated decision-making (“ADM”), including profiling (“Draft Guidance”) and simultaneously published a report on the use of ADM in recruitment (“Recruitment Report”).

The Draft Guidance is the ICO’s first detailed interpretation of the Data (Use and Access)