Ropes & Gray (LexBlog United States)

1875 results for Ropes & Gray (LexBlog United States)

  • Lawmakers Pass Milestone Privacy Bill Overshadowed by TikTok Fever

    On February 28, 2024, President Biden announced an Executive Order (“EO”) directing the Department of Justice (“DOJ”) to promulgate regulations that restrict or prohibit transactions involving certain bulk sensitive personal data or United States Government-related data and countries of concern or covered persons. As directed by the EO, on February 28, the DOJ published an...

  • In Bloomberg Law Article, Attorneys Analyze Washington State’s New Privacy Law That Safeguards Consumer Health Data

    ​ In a Bloomberg Law article, attorneys examined Washington State’s comprehensive new privacy law, the My Health My Data Act, the first state law that specifically safeguards consumer health data. The article discusses the new law’s scope, applicability, and ensuing company obligations. The Act will apply to many life sciences companies, pharmaceutical and device manufactures and is...

  • NIST Publishes Long-Awaited Cybersecurity Framework 2.0

    On February 26, 2024, the National Institute of Standards and Technology (“NIST”) released version 2.0 of its Cybersecurity Framework (“CSF 2.0”)—the first significant update to the cybersecurity guidance since its initial publication a decade ago.[1] While the original guidance was tailored to critical infrastructure entities, the new version has a broader scope and applies to...

  • New Executive Order Would Restrict Transfer of Certain Bulk Sensitive Personal Data and United States Government-Related Data to China and Other Countries of Concern

    On February 28, 2024, President Biden announced an Executive Order directing the Department of Justice to promulgate regulations that restrict or prohibit transactions involving certain bulk sensitive personal data or United States Government-related data and countries of concern or covered persons. The DOJ’s initially identified countries are China (including Hong Kong and Macau), Russia, Iran,..

  • DoorDash and California Attorney General Reach Settlement Over Privacy Allegations

    Following up on announcements of sweeps from late January, last week California Attorney General Rob Bonta announced a settlement with the popular food delivery service DoorDash related to allegations that DoorDash breached the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA). The announcement doubles down on the Attorney General’s reiteration...

  • California Court of Appeal Restores CPPA Authority to Enforce Privacy Regulations

    On February 9, 2024, a California state court of appeal unanimously vacated a lower court ruling, green-lighting the California Privacy Protection Agency’s authority to commence enforcement of the Agency’s first set of regulations. Until now, the Agency’s authority to enforce regulations it has promulgated under the California Consumer Privacy Act (“CCPA”) has been delayed. The...

  • 2024 Is Set To Be Democracy and Deepfakes’ Biggest Year. Is U.S. Legislation …Ready For It?

    The FCC has issued a declaratory ruling, employing the protection of the Telephone Consumer Protection Act (TCPA) to outlaw robocalls that use AI-generated voices. The Commission’s unanimous decision was spurred by public fallout from the doctored audio message of a purported President Biden urging voters in New Hampshire not to vote in the state’s Democratic...

  • The Data Day: Protecting Your Company and Your Data in the Wake of a Cyber Incident

    Tune in to Ropes & Gray’s podcast series, The Data Day, brought to you by the firm’s data, privacy & cybersecurity practice. This series focuses on the day-to-day effects that data has on all of our lives as well as other exciting and interesting legal and regulatory developments in the world of data, and features...

  • States Move Forward with Automated Privacy Opt-Out Signals; Colorado Approves First Universal Opt-Out Mechanism

    States have recently taken important steps toward implementing so-called “Universal Opt-Out Mechanisms” (“UOOMs”), which will provide consumers with a method for automatically exercising privacy rights.  UOOMs, sometimes referred to as opt-out preference signals, are user enabled features, typically within the user’s browser or through a browser add-on, that send a signal to each website the...

  • Dealmaking with AI and Big Data – Charting the new frontier in life sciences

    Megan Baca moderated Ropes & Gray’s annual “From the Boardroom” panel – held in San Francisco during the 2024 J.P. Morgan Healthcare Conference – which this year looked at the role of artificial intelligence and big data in the context of dealmaking. It can feel hard to escape AI at the moment, with some debate...

  • In Law360, Attorneys Urge Businesses to Navigate Generative AI Indemnity Shields with Care

    In a Law360 article, IP transactions and technology partner Regina Sam Penti, IP transactions counsel Georgina Jones Suzuki and IP transactions associate Derek Mubiru analyzed the recent trend of artificial intelligence (AI) providers offering indemnity shields and urged businesses to exercise caution in relying on these indemnities. In response to a number of intellectual property lawsuits that...

  • NIST Cybersecurity Center of Excellence – Cybersecurity of Genomic Data Report

    On December 20, 2023, the National Institute of Standards and Technology (“NIST”) National Cybersecurity Center of Excellence (“NCCoE”) published its Cybersecurity of Genomic Data report (the “Report”).  The Report aims to assist organizations in protecting against misuse of genomic data and enabling secure collaborative innovations.  Note, however, that the Report is not authoritative with...

  • FTC Proposes Amendments to the COPPA Rule as Part of Continued Attention to Children’s Privacy

    As laid out in our earlier blogpost, part of Ropes & Gray’s Data, Privacy & Cybersecurity Group’s “12 Days of Data” series, one thing to look out for in 2024 is an update from the Federal Trade Commission (FTC) on its Children’s Online Privacy Protection Act Rule (COPPA Rule) review. Well, we did not have...

  • Dashing Through 2023’s Privacy Litigation Trends

    Looking back on 2023, the trend of privacy-based class actions has only increased, and it doesn’t seem poised to halt or even slow down in the new year. Businesses are feeling acutely the threat of future litigation. At the end of 2022, the hundreds of cross-industry respondents to the Annual Litigation Trends Survey cited cybersecurity,...

  • Illinois’s Biometric Information Privacy Act: A Reflection on 2023

    While the Illinois Biometric Information Privacy Act (“BIPA”) is “of 2008,” only in the past few years has BIPA litigation exploded at a pace likely to continue.  BIPA generally requires companies that collect biometric information or identifiers in Illinois to adhere to certain practices, including providing a public privacy policy; obtaining written consent before collection;...

  • Reviewing 2023’s Global AI Landscape Across Practice Areas

    In a Law360 article, co-authored by data, privacy & cybersecurity partner Fran Faircloth and associate May Yang, the team reflect on 2023 Global AI highlights, noting “2023 stands out as a landmark year for artificial intelligence and for generative AI in particular.” “The launch of OpenAI’s ChatGPT in late 2022 marked a turning point, igniting a global race among tech...

  • The Three European Union Laws That Need Your Attention in 2024

    2023 was the year of artificial intelligence — and 2024 is already shaping up to be more (much more) of the same.  The European Union’s legislative bodies passed the AI Act earlier this month, and although the text has yet to be finalised on the world’s first comprehensive AI law, the hype around it already...

  • You Better Watch Out, You Better Not Cry…Telemarketing Changes Are Coming to Town in 2024

    What has often been considered to be one of the most heavily litigated privacy laws over the last decade, the Telephone Consumer Protection Act’s (“TCPA”) applicability (or lack thereof) to many modern text message dialing technologies has been significantly curtailed as a result of the United States Supreme Court’s narrow definition of what constitutes an...

  • The 2023 AI Boom Calls for Further Regulation of the Use of AI Tools in the Health Care and Life Sciences Industries

    The past year has seen unprecedented growth and development of artificial intelligence (“AI”) tools, which have been significantly propelled by the rapid deployment of generative AI (“GenAI”) tools.  The health care and life sciences industries have increasingly sought the use of AI and GenAI tools to promote innovation, efficiency and precision in the delivery of...

  • Jingle All the Algorithms: Automated Decisionmaking Amidst a Blizzard of State Privacy Laws

    Decisions, decisions.  We are deluged by decisions.  What present should I buy?  Is the small cheese plate enough for my party guests, or should I go with the large?  How much of my bonus should I set aside for retirement this year, or should I up my charitable giving?  Wouldn’t it be nice if we...

  • Making a List and Checking it Twice: The Impact of Cybersecurity Regulations on Financial Services in 2023

    Not that long ago, financial sector regulations seldom mentioned cybersecurity expressly, instead addressing the issue indirectly through restrictions focused on general system safeguards and omnibus reporting requirements. Gone are those days. Over the past few years, federal and state regulators have increased focus on information security issues impacting financial institutions, introducing a...

  • Naughty or Nice: Children’s Online Privacy and Safety Developments and Expectations

    Last holiday season, we were looking under the tree to see if President Biden and the U.S. Congress would leave the gift of a new national children’s online privacy and safety law—and whether it would turn out to be a welcome surprise or a lump of coal. It was widely reported that a group of...

  • Walking in a Data Wonderland: A Look Back at the FTC’s 2023 Privacy Enforcement Actions

    On the first Day of Data, we recap a busy year for the Federal Trade Commission (“FTC”), highlighting key enforcement decisions from 2023 and reading the tea leaves for what promises to be an equally active 2024 for the agency on topics ranging from online tracking technologies to artificial intelligence. Online Tracking Technologies In what...

  • ‘Tis the Season for Data Protection: Unwrapping the 12 Days of Data

    As the year draws to a close, we’re excited to kick off the third annual installment of the 12 Days of Data, our favorite holiday tradition. Join us for a festive journey over the next few weeks, as we count down twelve key areas of growth in privacy and cybersecurity in 2023 and look forward...

  • New York State Proposes New Cybersecurity Program and Incident Reporting Requirements for Hospitals

    On November 13, 2023, New York Governor Kathy Hochul announced the release of proposed statewide hospital cybersecurity regulations that would require state-licensed hospitals to establish cybersecurity programs, policies and procedures (the “Proposed Regulations”). The Proposed Regulations feature requirements regarding cybersecurity policies and procedures, personnel, user authentication...

  • Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence

    On October 30, 2023, President Biden issued an executive order (“EO”) on the safe, secure, and trustworthy development and deployment of artificial intelligence (“AI”) that has the potential to set far-reaching standards governing the use and development of AI across industries. Although the EO does not directly regulate private industry, apart from certain large-scale models...

  • NYDFS Finalizes Significant Amendments to its Cybersecurity Regulations

    On November 1, 2023, New York Governor Kathy Hochul announced that the New York Department of Financial Services (“NYDFS”) finalized amendments to its Part 500 Cybersecurity Regulations (“Final Amendments”)—the first significant change to the regulations since their inception in March 2017. The Final Amendments generally track previous NYDFS proposed amendments—including the November 9, 2022...

  • California Adopts “Delete Act”: New Requirements for Data Brokers

    On October 10, 2023, Governor Gavin Newsom signed into law the California Delete Act, which imposes new requirements on “data brokers.” Because of the California law’s broad definition of the term “data broker,” the law will apply to many businesses that would not typically think of themselves as engaged in buying and selling data. The...

  • In Law360, Data, Privacy & Cybersecurity Attorneys Discuss New Draft CPPA Regulations around Cybersecurity Audits and Artificial Intelligence

    At its Sept. 8 board meeting, the California Privacy Protection Agency reviewed draft regulations addressing cybersecurity audits and risk assessments. If adopted, the proposed regulations would require many businesses already subject to the California Consumer Privacy Act to conduct new, independent audits of their cybersecurity programs.  The proposed regulations would also impose broad rules...

  • Delaware Becomes Twelfth State to Pass Consumer Privacy Law

    Last week, Delaware Governor John Carney signed into law the Delaware Personal Data Privacy Act (“DPDPA”), the state’s new consumer privacy law that will become effective January 1, 2025. The First State is now the 12th state to fully enact a comprehensive consumer data privacy law, joining California, Colorado, Connecticut, Indiana, Iowa, Montana, Oregon, Tennessee,...

  • Request a trial to view additional results

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT