Alston & Bird Privacy, Cyber & Data Strategy Blog

EU Moves Toward a Single Entry Point for Security Incident Reporting

March 19, 2026 By Alice Portnoy and Wim Nauwelaerts

On March 17, 2026, the European Parliament published a briefing signalling continued momentum toward the creation of an EU‑wide Single Entry Point (SEP) for security incident reporting. The initiative is part of the European Commission’s proposed Digital Omnibus legislative package and is intended to simplify how organizations report incidents - including personal data breaches - under multiple EU legal frameworks. What is the Single Entry Point? The SEP would take the form of a centralized, … [Read more] about EU Moves Toward a Single Entry Point for Security Incident Reporting

Ninth Circuit Partially Lifts Injunction Against California Age-Appropriate Design Code Act

March 16, 2026 By Maki DePalo and Hyun Jai Oh

On March 12, 2026, the United Sates Court of Appeals for the Ninth Circuit (Ninth Circuit) partially vacated the preliminary injunction by the United States District Court for the Northern District of California (district court) that had blocked the … [Read more] about Ninth Circuit Partially Lifts Injunction Against California Age-Appropriate Design Code Act

CalPrivacy Seeks Input on Reducing Friction in Privacy Rights Experience and Challenges with Opt-Out Preference Signals

March 16, 2026 By Maki DePalo and Hyun Jai Oh

On March 6, 2026, the California Privacy Protection Agency (CalPrivacy) published an Invitation for Preliminary Comments seeking public input on whether regulatory changes are needed in two related areas under the California Consumer Privacy Act … [Read more] about CalPrivacy Seeks Input on Reducing Friction in Privacy Rights Experience and Challenges with Opt-Out Preference Signals

CalPrivacy Goes to the Board with Digital Advertising-Focused Enforcement

March 9, 2026 By Cynthia Cole, Dorian Simmons and Anna von Spakovsky

On February 27, 2026, the California Privacy Protection Agency (“CalPrivacy”) issued an order (the “Order”) requiring a sports-focused media and technology company (the “Company”) to pay a $1.10 million administrative fine for violations of the … [Read more] about CalPrivacy Goes to the Board with Digital Advertising-Focused Enforcement

The FTC’s COPPA Policy Statement to Incentivize Age Verification Through a More Flexible Enforcement Approach

March 5, 2026 By Cynthia Cole, Maki DePalo, Jennifer Everett and Lili Song

On February 25, 2026, the Federal Trade Commission (“FTC”) issued an enforcement policy statement announcing that the Commission will not bring enforcement actions under the Children's Online Privacy Protection Act ("COPPA") Rule against operators of … [Read more] about The FTC’s COPPA Policy Statement to Incentivize Age Verification Through a More Flexible Enforcement Approach