On May 29, 2019, Nevada’s SB 220[1] became law, amending Nevada’s Privacy Law (2017).[2] The existing Nevada Privacy Law is similar to California’s Online Privacy Protection Act (2004), by requiring a conspicuously posted privacy policy. The new SB 220 resembles the new California Consumer Privacy Act (“CCPA”) but is more narrow in application and scope.


Continue Reading

Earlier this month, three class action lawsuits were filed against companies for alleged violations of the Children’s Online Privacy Protection Act (“COPPA”). These lawsuits are raising eyebrows as COPPA does not provide for a private right of action, and a potential class certification could open the floodgates for COPPA-based lawsuits. Given these lawsuits and the recent enforcement actions brought by the FTC and the New York State Attorney General, companies more than ever need to understand their responsibilities and obligations under COPPA and maintain measures for compliance.
Continue Reading

Earlier this month, the FTC announced that a third-party study and report on cross-device tracking had been completed by the Office of Technology, Research and Investigation (“OTech”), following up on their presentation on this topic at the FTC’s 2015 workshop.  The FTC released its own report on cross-device tracking last week, which will be covered in a subsequent blog post.  OTech’s study focused on: 1) what information companies are collecting and may be using to track consumers across devices, and 2) what companies are disclosing about their cross-device tracking in privacy policies or otherwise (the answer is not much!). 
Continue Reading