On August 11, 2022, the Federal Trade Commission (FTC) voted 3-2 on partisan lines to file an Advance Notice of Proposed Rulemaking (ANPR) that would regulate the protection of consumers’ privacy and data security in a rulemaking titled “Trade Regulation Rule on Commercial Surveillance and Data Security.”

The release of this ANPR—in the midst of

The United States Supreme Court recently issued its decision in Dobbs v. Jackson Women’s Health Org., ––– U.S. –––, 2022 WL 2276808 (2022), overturning Roe v. Wade, 410 U.S. 113 (1973), and Planned Parenthood of Southeastern Pennsylvania v. Casey, 505 U.S. 833 (1992). In holding that the U.S. Constitution does not protect

On May 26, 2022, the US Department of Commerce’s Bureau of Industry and Security (“BIS”) published a final rule revising the restrictions on the export, reexport and transfer (in-country) of certain “cybersecurity items” used for malicious cyber activities (“final rule”). Effective immediately upon publication, the final rule amends the October 21, 2021, interim final rule

On May 19, 2022, the Federal Trade Commission (FTC) unanimously approved a policy statement on education technology (EdTech) and the Children’s Online Privacy Protection Act (COPPA). Characterized as part of a larger effort to “crack down on companies that illegally surveil children learning online,” the policy statement itself merely highlights pre-existing obligations under

On May 11, 2022, the Senate confirmed President Biden’s appointment of Alvaro Bedoya to fill the vacant Democratic seat on the Federal Trade Commission (FTC). Commissioner Bedoya’s confirmation gives the Democratic commissioners a voting majority on the Commission, and we expect the FTC will pursue actions previewed by Chair Lina Khan. In this Legal Update,

On May 6, 2022, the US Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) designated crypto mixer Blender.io as a Specially Designated National (“SDN”), marking the first time a virtual currency mixer has been sanctioned. The move is the latest in a series of sanctions designations and enforcement actions in the virtual currency

Strengthening the nation’s cybersecurity has been a top priority for the Biden administration, as reflected in its collaboration with industry, regulatory actions, and the legislation it has supported in Congress, including the Cyber Incident Reporting for Critical Infrastructure Act of 2022. Executive action has been a key tool in the Biden administration’s cyber policymaking toolkit.

Connecticut has become the fifth state to pass comprehensive consumer data privacy legislation. Connecticut Governor Ned Lamont signed the bill into law on May 10, 2022, and the Connecticut Data Privacy Act” (CTDPA) will take effect on July 1, 2023. This Legal Update discusses the CTDPA’s scope; compares it with the other state privacy laws

In a recent decision upholding the denial of a motion to compel arbitration, a panel of the Ninth Circuit provided new guidance about the formation of online contracts under California and New York law.1 The court held that, to place a consumer on inquiry notice of terms and conditions on a website, the website

On February 9, 2022, the Securities Exchange Commission (“SEC” or “Commission”) voted 3-1 to propose rules, forms and amendments concerning cybersecurity risk management, as well as registered investment adviser and fund disclosures. As we have previously discussed, the proposal under the Investment Advisers Act of 1940 (Advisers Act) and the Investment Company Act of