Thursday 03 23, 2023

How to Keep Up With New Privacy Laws

Portrait Liana Chen
By Liana Chen


There has been a wave of emerging and detailed privacy laws from the California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"), to the General Data Protection Regulation ("GDPR") - how can companies stay on top of new requirements?

In fact, draft regulations for the CCPA were recently published, adding requirements and specifications to existing regulations for companies doing business in California; and the CCPA now has a new enforcement agency, the California Privacy Protection Agency ("CPPA").

The legal landscape includes international, issue and industry-specific, and various state laws, such as the Colorado Privacy Act ("CPA"), Connecticut Data Privacy Act ("CDPA"), Delaware Online Privacy and Protection Act ("DOPPA"), Nevada Revised Statutes, Utah Consumer Privacy Act ("UCPA"), Vermont Statutes, Virginia Consumer Data Protection Act ("VCDPA"), and Illinois Biometric Information Privacy Act (“BIPA”), not to mention federal legislation including the Federal Trade Commission ("FTC") Act, Children's Online Privacy Protection Act ("COPPA"), Gramm-Leach-Bliley Act ("GLBA"), Telephone Consumer Protection Act ("TCPA"), Telemarketing Sales
Rule (“TSR”), CAN-SPAM, Health Insurance Portability and Accountability Act ("HIPAA"), and various FTC rules and guidelines. Businesses may also be confused about European and international laws and standards, such as the Privacy Shield and Standard Contractual Clauses ("SCCs").

Experienced counsel can assist navigating these ever-changing requirements, including by:

  • Assisting with necessary data mapping and/or risk impact assessments;
  • Updating consumer privacy policies and terms of service, as well as consumer-facing privacy notices (e.g., "Do Not Sell or Share My Personal Information," "Your Privacy Choices," and "Limit Use of My Sensitive Personal Information");
  • Updating internal privacy and data security policies (e.g., employee training, data retention policy, incident response plan, and data security policy); and
  • Updating contracts with related companies and others, including CCPA categories for "service providers," "contractors," and "third parties."

Kronenberger Rosenfeld regularly advices clients on privacy and general advertising compliance and litigation matters.

This entry was posted on Thursday, March 23, 2023 and is filed under Resources & Self-Education, Internet Law News.

Related articles

Privacy & Cybersecurity

CCPA Opt-out Buttons as Options for CCPA Compliance

The proverbial dust from the implementation of the California Consumer Protection Act (“CCPA”) has settled. And at this point, most businesses are aware that under the CCPA, California residents have...

Read Article

Privacy & Cybersecurity

Don’t Get Shaken Down by a Privacy Lawsuit

With emerging data privacy and security laws, plaintiffs and class action law firms have been filing novel legal actions, including large class actions seeking statutory damages and fees. Virtually every...

Read Article

Privacy & Cybersecurity

CCPA v. CPRA – Privacy Laws Compared

The California Consumer Privacy Act (CCPA) is still relatively new, and now there is another expansive privacy law in California, the California Privacy Rights Act (CPRA). In November 2020, California...

Read Article

Privacy & Cybersecurity

Novel CCPA/CPRA Enforcement Treats Targeted Ads as Data

In a novel case, the California Attorney General (AG) has treated targeted ads using third parties, such as through routine marketing and analytics cookies, as data "sales." What did the...

Read Article
Get the help you need.

We offer legal advice on a wide range of online topics

Get legal help now

Not seeing what you’re looking for?

Submit your case in 3 minutes and get legal help fast.

Submit your case online


Give us a call
Join our mailing list

Stay ahead of legal matters

The internet moves fast. We'll keep you informed.