Privacy and Information Security Law Blog Update

September 2022

This Client Alert is a monthly update on privacy and cybersecurity developments as posted on our Privacy & Information Security Law Blog. If you would like to receive email alerts when new posts are published, please visit our blog and enter your email address in the subscribe field.

Recent posts on the Privacy & Information Security Law blog include:

• Cyber Incident Reporting for Critical Infrastructure Act
• UK ICO Issues TikTok Notice of Intent with Possible £27 Million Fine for Children’s Privacy Violations
• FCC Proposes $3.4 Million in Fines for Violations of Children’s TV Programming Rules
• FTC Announces Agenda for “Protecting Kids from Stealth Advertising in Digital Media” Event
• FTC Releases Report on Dark Patterns
• NHTSA Publishes Final Cybersecurity Best Practices
• CARU Finds SpongeBob App in Violation of COPPA and CARU’s Guidelines
• Danish DPA Declares Use of Google Analytics Unlawful Without Supplementary Measures
• Indonesia Enacts its First Data Protection Act
• OCR Announces $300,000 Settlement Related to Improper Disposal of Physical PHI
• FTC Commences Civil Action Against Data Broker for Selling Geolocation Data
• The SEC Charged Several Individuals and Entities in a Fraudulent Hacking Scheme
• California Enacts the California Age-Appropriate Design Code Act
• New California Legislation Adds to Existing Smart Device Labeling Requirements
• FTC Commercial Surveillance and Data Security Forum Highlights Industry and Consumer Perspectives
• Irish Data Protection Commissioner Fines Instagram for Children’s Privacy Violations
• Wawa Inc. Settles Multi-State AG Breach Investigation for $8 Million