Data Protection
FCC and FTC Announce new AI Calling and Voice Initiatives
On November 16th, the Federal Communications Commission (“FCC”) and Federal Trade Commission (“FTC”) announced new independent initiatives regarding the use and implications of AI technologies on consumers in the context of telephone and voice communications. Learn more about these initiatives on our sister blog, the Consumer Finance Monitor.

FTC Announces New Safeguards Rule Breach Notification Requirements
On October 27, the Federal Trade Commission (“FTC”) unanimously voted to amend the Safeguards Rule to require non-banking financial institutions, such as mortgage brokers, motor vehicle dealers, and payday lenders, to report data breaches and security events to the Agency. This amendment will become effective 180 days after its publication in the Federal Register.
Under…
California’s Proposed “Delete Act” Would Create a ‘Do Not Sell’ List for Data Brokers
California continues to be at vanguard of data privacy rights. The latest effort by California legislators to protect consumer privacy rights focuses on data brokers, who under the proposed California Senate Bill 362, aka the “Delete Act,” would be required to recognize and honor opt-out signals from Californians. The law seeks to expand on…
The Practical and Legal Complexities of Online Age Verification
One of the most significant trends in privacy law this year has been the surge in online child protection laws in U.S. states. In a recent article for the Cybersecurity Law Report , Ballard Spahr privacy attorneys Phil Yannella, Greg Szewczyk, Tim Dickens and Emily Klode explore the legal and practical complexities associated with these…
Washington State Poised to Pass Consumer Health Privacy Law
The State of Washington appears close to enacting a new law that regulates the privacy of consumer health information. If passed, the new law – the My Health My Data Act (MHMDA) –would take effect March 31, 2024 and apply to non-governmental entities that collect, process, share, or sell health information that can be linked…
FinCEN Analyzes BEC Trends in the Real Estate Sector

On March 30, 3023, the Financial Crimes Enforcement Network (FinCEN) issued a Financial Trend Analysis focusing on business email compromise (BEC) trends and patterns in the real estate sector (referred to as “RE BEC”). The report is required under Section 6206 of the Anti-Money Laundering Act of 2020 (AMLA). This section of AMLA requires FinCEN…
The Iowa Senate and House Pass a Consumer Data Privacy Rights Bill
On March 15, 2023, the Iowa House passed Senate Bill 262 on a 97-0 vote. The Bill had previously passed the Iowa Senate on March 6, 2023. If ultimately signed by Iowa Governor Kim Reynolds, Iowa would join California, Colorado, Connecticut, Utah, and Virginia as the sixth U.S. state with a comprehensive consumer data privacy…

Colorado Finalizes CPA Regulations
On March 15, the Colorado Attorney General’s Office finalized the Colorado Privacy Act regulations. The finalized regulations track the draft rules. The rules will go into effect July 1, 2023.

California Enforcement Sweep Targets Mobile Apps – With a Focus on Honoring “Permission Slip” App
On Friday, January 27, California Attorney General Rob Bonta announced an investigative sweep of businesses that provide mobile apps, issuing warning letters to those that AG Bonta alleges failed to comply with the California Consumer Privacy Act (CCPA). This sweep focused specifically on “popular retail, travel, and food service industry apps” that failed to comply…