In a month already full of activity with respect to regulation of artificial intelligence (AI) globally, the U.S. Federal Trade Commission (FTC) has continued to assert its role in regulating AI in the US. On November 21, 2023, FTC commissioners unanimously resolved to streamline the FTC’s ability to issue civil investigative demands (CIDs) regarding AI in products and services. FTC staff may now more easily compel release of documents, information, and testimony as part of…
What rights does a consumer have to a digital product that they purchase? What control does an author have over their creative works? What obligations do others have to you when they use your data to develop new products? None of these questions are new, but the recent proliferation of artificial intelligence (AI) tools, particularly generative AI (GenAI) tools, has brought these questions to the forefront of ongoing conversations about the role that AI will…
The Connecticut Data Privacy Act (CTDPA) is operative since July 1, 2023, and so are certain amendments that were signed into law as recently as June 26th, 2023. The amendments focus on protecting consumer health data and protecting minors, with additional consumer health data protections already operative but with some obligations related to minors becoming operative mid to late 2024. Additional Obligations for Processing Consumer Health Data As other omnibus US state privacy laws, the…
In brief The Colorado Privacy Act (C.R.S. 6-1-1301, et seq.) (the “CPA”) comes into effect on July 1, 2023. Earlier this year, the Colorado Attorney General promulgated final rules for implementing the CPA (4 CCR 904-3) (the “Rules”). The Rules provide insight as to how the Attorney General may interpret and enforce the CPA. In this alert, we highlight several key aspects of the CPA and the Rules to help businesses focus their compliance efforts.…
Washington state governor Jay Inslee signed the My Health, My Data Act (the Act) into law on April 27, 2023. Regulated entities are required to comply with most obligations from March 31, 2024 with small businesses being required to comply from June 30, 2024. Prohibitions on geofencing are operative already on July 23, 2023. The Act will be enforceable both by the Washington Attorney General’s Office and through a private right of action. Who is…
Companies around the world should start preparing for the Iowa Consumer Data Protection Act (Iowa Act) with respect to personal data of consumers in Iowa. With the Iowa Act, Iowa follows the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (CCPA), but excludes consumers acting in a commercial or employment context. Businesses that have implemented measures to comply with the CCPA and other US state privacy laws…
In brief If you sell goods and services to consumers through automatically renewing payment plans, free or discounted trials that convert into full plans, or other “negative option features” that interpret a consumer’s silence as permission to keep charging them (collectively, “recurring subscriptions”), you should monitor and consider submitting comments on the Federal Trade Commission’s (“FTC’s”) proposed Negative Option Rule. The proposed rule would impose detailed transparency, consent, simple cancellation and annual reminder requirements on companies…
In this episode, Harry Valetk, is joined by Carlos Dávila-Peniche, based in Mexico City and Daniel Villanueva, based in Guadalajara, to discuss consumer protection in video games with a special focus on age ratings. Join us to hear more about how to meet challenges around age ratings, global classifications, localization expectations, how to comply with age ratings in app stores or console purchases, and much more. https://open.spotify.com/episode/62sFvzANIkICWBFKuwjjwf
The Supreme Court of the United States has addressed a contentious split among federal circuit courts of appeals on the definition of “autodialer” under the Telephone Consumer Protection Act (TCPA) with a decision that should greatly reduce the amount of TCPA litigation in the US. The TCPA prohibits any person from placing phone calls (including text messages) to a wireless number using an “autodialer,” among other things, without the recipient’s prior express consent (or, for…
The European Commission’s New Deal for Consumers will apply to traders that target consumers in the EU from 28 May 2022. Organisations impacted by the New Deal have two years to get into shape – which is advisable, because the New Deal empowers regulators across the EU to impose GDPR-style fines for breaches of consumer legislation. Like the GDPR before it, the changes will affect most functions within businesses affected by the New Deal. Organisations…