State Attorneys General

As a follow-up to our recent posts on price gouging (see here, here, and here), we noted recent signs that federal and state authorities have escalated their enforcement efforts.

  • On Monday, the President signed an executive order to prevent hoarding and price gouging of crucial medical supplies.  It authorizes criminal prosecution of

Facial Recognition Tech Enforced by Vermont AG Under State Privacy & Data Broker LawsVermont Attorney General Thomas Donovan Jr. has ratcheted up ongoing scrutiny of facial recognition technology.  On March 10, the Vermont AG sued facial recognition technology provider Clearview AI and moved for a preliminary injunction against the company.  Clearview drew wide attention in January following the publication of a New York Times story that detailed how

 California Attorney General (AG) released third draft of proposed CCPA regulationsOn Wednesday, the California Attorney General (AG) released a third draft of proposed CCPA regulations for public comment.  The draft contains a series of technical corrections, along with a handful of substantive incremental modifications to the prior draft.  The limited number of changes signals that the rulemaking process is reaching an end.

The following

On Friday, California Attorney General Xavier Becerra released proposed modifications to the formerly-released draft regulations implementing the California Consumer Privacy Act (CCPA). The modifications reflect the Attorney General’s response to public comments issued in response to the draft regulations and arguably represent a rollback of key provisions previously proposed.

The modifications impose a number of

On January 30th, 24 State Attorneys General*, led by Kwame Raoul (D) of Illinois, submitted an amici curiae brief in support of the Federal Trade Commission’s position in FTC v. Credit Bureau Center LLC.

These State AGs are in agreement with the FTC, which has argued that the district court’s authority to

California is not the only state focused on privacy.  The New Jersey Attorney General’s Office recently emphasized how the Office is prioritizing its enforcement of such issues. Over its first year, the newly-created Data Privacy & Cybersecurity Section within the New Jersey Division of Law has initiated its own actions and joined several multi-state investigations. 

The FTC and the New York Attorney General recently announced a record-setting $170 million ($136 million to the FTC and $34 million to the NY AG) joint settlement with Google. The settlement resolves allegations that YouTube violated the Children’s Online Privacy Protection Act (“COPPA”) and is the largest penalty the FTC has ever received in

It’s no secret that the Justice Department and state Attorneys General don’t like coupon settlements in class actions.  Since 2007, groups of state AGs have been objecting regularly to coupon settlements that would force class members to pay more money to defendants accused of consumer fraud.  On February 4, the Justice Department filed an amicus

Last week, five advertising and marketing trade associations jointly filed comments with the California Attorney General seeking clarification on provisions within the California Consumer Privacy Act (CCPA).

While expressing “strong support” for the CCPA’s intent, and noting the online ad industry’s longstanding consumer privacy efforts like the DAA’s YourAdChoices Program, the group proposed the

In the Data Business? You May Be Obligated to Register in Vermont by Thursday

Data brokers have until this Thursday to register with the Vermont Secretary of State as part of a new data broker oversight law that became effective January 1st.

Approved unanimously by the Vermont Senate last May, the Vermont Data Broker Regulation, Act 171 of 2018, requires data brokers to register annually, pay an annual filing fee of $100, and maintain minimum data security standards, but the law does not prevent data brokers from collecting or selling consumer data.

What Qualifies as a “Data Broker”?

The law only applies to “data broker[s],” defined as a “business, or unit or units of a business, separately or together, that knowingly collects and sells or licenses to third parties the brokered personal information of a consumer with whom the business does not have a direct relationship.”
Continue Reading