How to Keep Up With New Privacy Laws

There has been a wave of emerging privacy laws from the California Privacy Rights Act ("CPRA"), which updates the California Consumer Privacy Act ("CCPA"), to the General Data Protection Regulation ("GDPR") - how can companies stay on top of new requirements?

In fact, draft regulations for the CPRA were recently published, adding (draft) requirements and specifications for companies doing business in California; and the CPRA provides for a new enforcement agency, the "CPPA."

The legal landscape includes international, issue-specific, and various state laws, such as the Colorado Privacy Act ("CPA"), the Connecticut Data Privacy Act ("CDPA"), Delaware Online Privacy and Protection Act ("DOPPA"), Nevada Revised Statutes, Utah Consumer Privacy Act ("UCPA"), Vermont Statutes, Virginia Consumer Data Protection Act ("Virginia"), not to mention federal legislation including the Federal Trade Commission ("FTC") Act, Children's Online Privacy Protection Act ("COPPA"), the Gramm-Leach-Bliley Act ("GLB"), Telephone Consumer Protection Act ("TCPA"), CAN-SPAM, Health Insurance Portability and Accountability Act ("HIPAA"). Businesses may also be confused about European and international laws and standards, such as the Privacy Shield and Standard Contractual Clauses ("SCC").

Experienced counsel can assist navigating these ever-changing requirements, including by:

• Assisting with necessary data mapping and/or risk impact assessments;
• Updating consumer privacy policies and terms of service, as well as consumer-facing privacy notices (e.g., "Do Not Sell or Share My Personal Information" and "Limit Use of My Sensitive Personal Information");
• Updating internal privacy and data security policies (e.g., employee training, data retention policy, incident response plan, and data security policy); and
• Updating contracts with related companies and others, including CPRA categories for "service providers," "contractors," and "third parties."

Kronenberger Rosenfeld regularly advices clients on privacy and general advertising compliance and litigation matters.

This entry was posted on Tuesday, June 21, 2022 and is filed under Resources & Self-Education, Internet Law News.