The Federal Trade Commission (FTC) and the Los Angeles County District Attorney on July 9, 2024, announced a complaint and proposed stipulated order against NGL Labs, LLC, and two NGL co-founders concerning the “NGL: ask me anything

If you are an attorney covering cybersecurity, not only do you have to stay on top of ever-evolving legal obligations and risks, you have to be able to speak competently with your technical counterparts. 

Changes to Illinois’ Biometric Information Privacy Act are awaiting Gov. J.B. Pritzker’s (D) signature. 

The legislation offers much-needed clarity for businesses but has raised questions about whether courts would apply the changes retroactively to past or ongoing lawsuits.

On July 16, the California Privacy Protection Agency (CPPA) held a public meeting of its Board (the Board).

The U.S. Court of Appeals for the Ninth Circuit issued an opinion in Zellmer v. Meta Platforms, Inc., on June 17, 2024, affirming dismissal of a putative class action filed under the Illinois Biometric Information Privacy Act. 

APRA Cancellation, Rhode Island's Privacy Act, and CPPA's International Cooperation

In an active summer on the privacy front, we share a few recent updates:

Cancellation of APRA House Markup

Building on its renewed jurisdictional authority over broadband internet access service providers following the reinstatement of net neutrality, the Federal Communications Commission has adopted proposed internet routing security rules in a notice of proposed rulemaking designed to prevent foreign manipulation of internet traffic.

The Texas Data Protection and Security Act goes into effect on Monday, July 1, 2024. Eliminating any speculation that this omnibus consumer privacy law might sit on the cupboard shelf, unenforced, the Texas attorney general announced that his office has formed a task force to enforce the TDPSA, along with Texas' several other data privacy laws. 

On June 18, 2024, the California Attorney General announced a settlement with Tilting Point Media LLC, the developer and publisher of the mobile game "SpongeBob: Krusty Cook-Off" (SpongeBob app), resolving allegations of unauthorized disclosure of children's personal infor

The end of Maryland's legislative session has ushered in one of the year's most ambitious and comprehensive consumer privacy laws. 

Minnesota's governor signed the Minnesota Consumer Data Privacy Act (MNCDPA or the Act) into law at the end of May, making Minnesota the 18th state to enact a comprehensive consumer privacy law. 

The Federal Trade Commission (FTC) announced on April 26, 2024, that a final rule modifying its Health Breach Notification Rule (HBNR) adopted on a 3-2 vote along party lines. 

The Maryland Age-Appropriate Design Code Act was signed into law on May 9, 2024, with an October 1, 2024, effective date.

As Allison Handy noted on our Public Chatter blog, Erik Gerding, the Director of the U.S.

Sen. Maria Cantwell (D-WA) and Rep. Cathy McMorris Rodgers (R-WA) released a discussion draft of the American Privacy Rights Act on April 7, 2024. 

This announcement of a bipartisan, bicameral proposal for a federal comprehensive consumer privacy law was a significant—and unexpected—development in longstanding efforts to adopt federal privacy legislation.