Privacy & Information Security Law Blog

The California Privacy Protection Agency Board will hold a Board meeting on May 1, 2025, to address proposed CPPA regulations on automated decisionmaking, risk assessments, cybersecurity audits and insurance.

On April 16, 2025, the Arkansas state legislature passed a bill, S.B. 611, to amend the Arkansas Social Media Safety Act of 2023 (the “Act”). This development follows a U.S. District Court decision permanently enjoining the Act from taking effect.

The Federal Trade Commission announced that it will host a workshop titled “The Attention Economy: How Big Tech Firms Exploit Children and Hurt Families” on June 4, 2025.

Davara Abogados S.C. reports that on March 20, 2025, the Mexican Congress approved a Federal Law on the Protection of Personal Data Held by Private Parties, replacing the previous 2010 federal data protection law.

On April 9, 2025, the Cyberspace Administration of China published a Q&A related to administrative policies on the security of cross-border transfers.

On April 11, 2025, California Attorney General Rob Bonta appealed the U.S. District Court for the Northern District of California’s decision blocking enforcement of California’s Age-Appropriate Design Code Act.

Last year, the Federal Communications Commission issued a rule amending a portion of the Telephone Consumer Protection Act.

On April 11, 2025, the U.S. Department of Justice issued a compliance guide, FAQs and an Implementation and Enforcement Policy to assist organizations to comply with the DOJ’s final rule implementing Executive Order 14117 (Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern). The guidance comes just days after certain of the final rule’s provisions became effective on April 8, 2025.

On April 10, 2025, the U.S. Senate confirmed Mark Meador as the newest Commissioner of the Federal Trade Commission. Meador was nominated on January 20, 2025, by President Donald J. Trump, and his term will expire on September 25, 2031.

The California Privacy Protection Agency recently released modified draft regulations in response to public feedback on its proposed updates to the California Consumer Privacy Act regulations.