We are pleased to provide you with our law firm partners newsletter for June, 2023. In May, three new privacy laws were passed – in Indiana, Tennessee and Montana. We are tracking these laws for regulations and will make updates to client policies prior to their effective dates.
We’re tracking many more bills this year- make sure to follow us on social media at @termageddon for the latest updates! We hope that you find this helpful for staying up to date with the myriad changes in the privacy field.
What’s new in privacy?
Below are some of the most notable news in privacy from this month:
- Marking five years of GDPR. GDPR became applicable five years ago, on May 25, 2018. Since then, there have been more than 1,700 enforcement actions and 32 rulings by the Court of Justice of the European Union. Read more here.
- Meta fined 1.2 billion euros for violations of GDPR. The Ireland Data Protection Commission has fined Meta 1.2 billion euros for unlawful data transfers from the European Union to the United States. The order accompanying the fine also required Meta to suspend future transfers of personal data to the United States within five months of the decision and to bring its processing operations into compliance within six months of the notification. Read more here.
- Google to pay $39.9 million settlement. Washington’s Attorney General announced that the lawsuit with Google over location tracking practices has been settled. The settlement stemmed from the alleged deceptive collection of location data. In addition to paying the settlement fee, Google is also required to be more transparent with consumers about how it tracks and uses consumer data. Read more here.
- Montana bans TikTok. The Governor of Montana signed SB419, which bans TikTok from operating in the state and prohibits mobile app stores from offering the app within Montana. The ban stems from alleged privacy violations and the release of data to foreign adversaries such as the Chinese Communist Party. Learn more here.
- Ovulation app banned from sharing health data. The Federal Trade Commission has proposed an order that bans the app Premom from sharing health data for advertising purposes. The order alleges that such sharing of sensitive personal and health data without notifying consumers violates the Health Breach Notification Rule. Read more here.
- CNIL fines website 380,000 for cookie consent violations. The website Doctissimo was fined by the French Data Protection Authority for failure to store data for no longer than necessary, failure to obtain individuals’ consent to collect the data and failure to adequately secure personal data. Read more here.
- Cybercriminals impersonate ChatGPT. Check Point Research found that cybercriminals have been creating ChatGPT-related domains with the intention of luring users into downloading malicious files or disclosing sensitive information. Users who visit such domains are prompted to enter highly sensitive information such as login credentials, credit card numbers, or personally identifiable information. The attackers then use this information for identity theft or other nefarious purposes. Learn more here.
What privacy bills are we tracking?
As part of our service, we keep track of privacy bills that would affect the way Privacy Policies are written. Below is our most recent list of privacy bill proposals in the United States. You can access the privacy bill tracker any time on our blog.
- Delaware – DE HB154
- Georgia – GA HB798;
- Hawaii – HI SB1110/HB1497;
- Hawaii – HI SB 974;
- Illinois – IL HB3385;
- Indiana – IN HB 1554;
- Iowa – IA House File 2506;
- Iowa – IA House Study Bill 12;
- Kentucky – KY S 15;
- Louisiana – LA SB199;
- Maine – ME SB807;
- Maine – ME HB1270;
- Maryland – MD HB807;
- Massachusetts – MA HD2281/SB745;
- Massachusetts – MA HD3263/SD1971;
- Mississippi – MS SB 2080;
- Minnesota – MN SF950;
- New Hampshire – NH SB255;
- New York – NY S2277;
- New York – NY SB365;
- New York – NY SB3162;
- New York – NY AB4374;
- New Jersey – NJ S 332;
- New Jersey – NJ A505;
- New Jersey – NJ A 1971;
- North Carolina – NC SB525;
- Oklahoma – OK HB1030;
- Texas – TX – HB4;
- Pennsylvania – PA HB708;
- Pennsylvania – PA HB1201;
- Washington – WA HB1616;
- West Virginia – WV HB3453;
- Vermont – VT HB121
Here are some great virtual events that you can attend to learn more about the hottest issues in privacy and meet other privacy professionals:
- Latest developments and current enforcement trends in international data protection and privacy laws – June 5, 2023;
- Zero trust? Encryption and other approaches to protecting private data and communications – June 9, 2023;
Do you have any questions on how Termageddon’s policy generation process works or how we can help you save time when drafting policies for your clients? Please contact our President, Donata Stroink-Skillrud at Donata@termageddon.com and she’d be happy to set up a call to answer any questions that you may have.