Posts from March 2025.
Time 3 Minute Read

On March 13, 2025, the U.S. District Court for the Northern District of California granted a second motion for preliminary injunction in favor of the technology trade group NetChoice.

Time 2 Minute Read

On March 7, 2025, the California Privacy Protection Agency voted to authorize the agency to advance proposed data broker regulations concerning the Delete Request and Opt-Out Platform to formal rulemaking.

Time 3 Minute Read

Earlier this month, the Centre for Information Policy Leadership at Hunton submitted a response to India’s Ministry of Electronics and Information Technology regarding the Draft Digital Personal Data Protection Rules 2025.

Time 1 Minute Read

On March 11, 2025, the Virginia legislature passed a bill that would amend the Virginia Consumer Data Protection Act to impose significant restrictions on minor users’ use of social media.

Time 3 Minute Read

On March 7, 2025, the New York Attorney General announced a $650,000 settlement with Saturn Technologies Inc., the developer of a student social networking app, for alleged privacy violations.

Time 2 Minute Read

On March 12, 2025, the California Privacy Protection Agency announced that it reached a settlement with American Honda Motor Co. in which Honda will pay a $632,500 fine to resolve claims that the company violated the CCPA.

Time 2 Minute Read

After six months of enforcement of Oregon’s Consumer Privacy Act, a new report from the Oregon Attorney General indicates strong consumer engagement with the law’s privacy rights, notable business compliance efforts and key areas where businesses are falling short.

Time 2 Minute Read

On March 6, 2025, the U.S. Department of Health and Human Services Office for Civil Rights announced a $200,000 civil monetary penalty against Oregon Health & Science University for allegedly violating the HIPAA Privacy Rule’s right of access.

Time 5 Minute Read

On February 27, 2027, in Chabolla v. ClassPass Inc., the U.S. Court of Appeals for the Ninth Circuit, in a split 2-1 decision, held that website users were not bound by the terms of a “sign-in wrap” agreement.

Time 1 Minute Read

The Attorney General of Arkansas filed a lawsuit against General Motors and its subsidiary, OnStar, alleging deceptive trade practices related to the collection and sale of drivers’ data.

Time 2 Minute Read

On February 20, 2025, the U.S. District Court for the Northern District of Georgia granted a motion for class certification in a class action alleging that WebMD violated the federal Video Privacy Protection Act by disclosing certain user data to Facebook without the users’ consent. 

Time 1 Minute Read

On March 5, 2025, the European Data Protection Board announced the launch of its latest Coordinated Enforcement Framework action addressing the right to erasure.

Time 1 Minute Read

Last month, SEC Commissioner Hester Peirce, chair of the Crypto Task Force, laid out a broad agenda for the SEC’s approach to cryptocurrency over the next four years.

Time 1 Minute Read

On February 21, 2025, President Trump issued a National Security Memorandum on America First Investment Policy outlining the administration’s foreign direct investment policy, including initiatives for a regulatory fast track process, additional scrutiny for Chinese investors, key changes to reviews by the Committee on Foreign Investment in the United States including CFIUS’s use of national security agreements.

Time 2 Minute Read

On February 20, 2025, the Virginia legislature passed the High-Risk Artificial Intelligence Developer and Deployer Act.

Time 4 Minute Read

On February 20, 2025, the UK Information Commissioner’s Office published its annual Tech Horizons Report, which explores four key technologies expected to play a significant role in society in upcoming years.

Time 1 Minute Read

The California Privacy Protection Agency Board will hold Board meetings on March 6 at 2 PM PT and March 7 at 9 AM PT addressing the creation of a data broker deletion request mechanism, pursuant to the CA Delete Act.

Time 5 Minute Read

The Cyberspace Administration of China recently released requirements regarding data protection compliance audits, which will go into effect on May 1, 2025.

Time 4 Minute Read

The People’s Bank of China recently released the Draft Administrative Measures for Reporting of Cybersecurity Incidents in the Operational Areas of PBOC for public comment.

Time 2 Minute Read

NetChoice has filed a lawsuit challenging Maryland’s Age-Appropriate Design Code Act on constitutional grounds, arguing that the law’s requirements, including requirements to perform data protection impact assessments, inhibit free speech.

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page