Under the Colorado Privacy Act (“CPA”), consumers have express rights to opt out of the sale of personal data as well as the processing of personal data for targeted advertising.  Effective July 1, 2024, organizations covered under the CPA must allow consumers to opt out using a universal opt out mechanism (

On November 1, 2023, after the Biden administration’s October 30, 2023 release of its landmark executive order on artificial intelligence (“AI”), the Office of Management and Budget (“OMB”) released a draft proposed memorandum on implementing the executive order. The draft memo directs heads of executive departments and agencies to advance AI

Today, the California Privacy Protection Agency (“CPPA”) released draft rules pursuant to the California Consumer Privacy Act (“CCPA”) governing consumer access and opt out rights with respect to Automated Decisionmaking Technology (“ADMT”).  This is an early example of the development of regulations around artificial intelligence (“AI”) in the United

November has been a busy month in artificial intelligence on the international, federal, and state levels.  The last several weeks have seen what is probably an unprecedented amount of activity regarding artificial Intelligence (“AI”), the most dramatic of which involved the stepping down of Open AI’s CEO Sam Altman last Friday after a

Biden Issues Broad Executive Order on Artificial Intelligence
Continue Reading Eight Categories Summarizing the Directives of Biden’s Executive Order on Artificial Intelligence

Two more states have enacted consumer privacy protection laws, with Oregon and Delaware joining the existing fray of state comprehensive consumer privacy laws in California, Colorado, Virginia, Utah, Connecticut, Iowa, Indiana, Montana, Tennessee, Florida, and Texas. For a useful chart detailing the applicability, effective dates, and exemptions of all of the state laws enacted thus

On July 31, 2023, the California Privacy Protection Agency (“CPPA”) – the state privacy regulatory agency charged with regulating and enforcing the California Consumer Privacy Act (as amended by the California Privacy Rights Act) (“CCPA”) — announced that it will be reviewing the data privacy practices of connected vehicle (CV) manufacturers and related CV technologies.

On Monday, March 13, 2023, The Texas House Business & Industry committee held a hearing for the main data privacy bill for this legislative session by Representative Capriglione of Southlake, TX, a Dallas suburb. The 34-page bill filed earlier this year aims to comprehensively address how companies and consumers interact with personal data. Similar to California, European, and a handful

On October 7, 2022, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities.  The order aims to address concerns expressed by the Court of Justice of the European Union (CJEU) in the Schrems II case, in which it ruled the E.U.-U.S. Privacy Shield inadequate as a cross-border transfer mechanism. 

Yesterday, on August 24, 2022, California Attorney General Rob Bonta (“AG”) announced a settlement with Sephora, Inc., resolving allegations that the company violated the California Consumer Privacy Act (“CCPA”).  The order includes permanent injunctive relief as well as a $1.2 million fine. This action stems from a June 2021 enforcement sweep by the attorney general