Inside Privacy

Website: https://www.insideprivacy.com/
Follow:

Latest from Inside Privacy - Page 2

The Cybersecurity Information Sharing Act of 2015 (“CISA 2015”), which provided protections for sharing cybersecurity threat information with the federal government and others, officially sunset on September 30, 2025 pursuant to the law’s original sunset date after efforts to re-authorize it did not succeed.  The law created a cybersecurity information sharing framework and established certain

In late September, plaintiffs announced details regarding Google LLC’s (“Google”) and women’s health app developer, Flo Health Inc.’s (“Flo”) proposed settlements to resolve a class action lawsuit stemming from the Flo app’s allegedly unlawful sharing of health data with Google and others through online tracking technologies.

As part of the proposed settlements, Google agreed to

On September 24, Senate Democratic Leader Chuck Schumer (D-N.Y.), Senator Maria Cantwell (D-Wash.), and Senator Ed Markey (D-Mass.) introduced the Management of Individuals’ Neural Data (“MIND”) Act of 2025, which would require the Federal Trade Commission (“FTC”) to conduct a study and provide a report examining the governance of “neural data” under existing law and

On September 16, 2025, the European Commission launched a call for evidence to collect feedback and best practices on simplifying several key areas of the EU digital rulebook, ahead of its planned Digital Omnibus package. This initiative targets legislation related to data, cybersecurity, and artificial intelligence, aiming to reduce administrative burdens and compliance costs for

On September 5, 2025, the European Commission announced the launch of the process to adopt an adequacy decision for Brazil under the General Data Protection Regulation (GDPR), involving an assessment of whether Brazil ensures an adequate level of personal data protection comparable to that in the EU. Once adopted, the decision would permit personal data

On August 20, 2025, the Federal Trade Commission (“FTC”) sued Fitness International, LLC and Fitness & Sports Club LLC – the parent companies of LA Fitness and other gym chains – for  violations of Section 5 of the FTC Act and the Restore Online Shoppers’ Confidence Act (“ROSCA”) in connection with alleged practices that make it

On August 29, the Oregon Department of Justice (DOJ) issued an enforcement report and press release covering its first year of enforcement of the Oregon Consumer Privacy Act (OCPA).  The OCPA took effect on July 1, 2024, and the cure period sunsets on January 1, 2026.  We previously summarized some of requirements in the OCPA

In August, the Federal Trade Commission (“FTC”) announced a $14 million settlement with Match Group, Inc. and Match Group, LLC (collectively, “Match”), the parent companies of online dating platforms Match.com, OkCupid, PlentyOfFish, and other dating sites. In addition to monetary relief, the settlement includes significant injunctive provisions aimed at addressing alleged deceptive marketing and unfair

Last month, the U.S. Cybersecurity and Infrastructure Security Agency (“CISA”), in partnership with the Federal Bureau of Investigation (“FBI”), National Security Agency, Environmental Protection Agency, and cybersecurity authorities in Australia, Canada, Germany, Netherlands, and New Zealand, published new cybersecurity guidance (the “Guidance”) related to operational technology (“OT”), i.e., systems and devices that interact with a