On March 23, 2025, 23andMe Holding Co. (“23andMe”) filed for bankruptcy in the Eastern District of Missouri, potentially setting in motion the sale of genetic data collected from more than 15 million people. This has led to news outlets and state Attorneys General encouraging consumers to delete their 23andMe data before it is sold as […]
FTC
FTC Finalizes COPPA Rule Amendments
On January 16, 2025, the Federal Trade Commission (FTC) voted 5-0 to approve the finalized amendments to the Children’s Online Privacy Protection Rule (COPPA Rule) that would offer additional privacy safeguards for children under the age of thirteen. The amened COPPA Rule will require operators to obtain separate verifiable parental consent before disclosing personal information […]
Data Breach Notification Requirements under the Safeguards Rule Now in Effect
For years, the Gramm-Leach-Bliley Act (GLBA) has required financial institutions to maintain reasonable safeguards for consumer data, but has only had limited breach-reporting requirements. To the extent financial institutions were subject to breach-reporting obligations, these were set by non-GLBA legislation, such as state law, or by relatively narrow incident-reporting rules under Interagency Guidelines overseen by […]
FTC Denies an Application to Add a New Verifiable Parental Consent Mechanism Under COPPA Rule Without Prejudice
On March 29, 2024, the Federal Trade Commission (the “FTC”) published a unanimous decision to deny an application by the Entertainment Software Rating Board, Yoti, and SuperAwesome (collectively, the “Applicants”) to add a new verifiable parental consent (“VPC”) mechanism under the Children’s Online Privacy Protection Rule (“COPPA Rule”). The application, which our previous blog post […]
State AGs and Other Stakeholders Weigh In On Proposed COPPA Rule Update
The Federal Trade Commission (FTC) received over 270 comments to its notice of proposed rulemaking (NPRM) for the amendments to the Children’s Online Privacy Protection Rule (COPPA Rule) during the public comment period that ended on March 11, 2024. The NPRM reflects the FTC’s continued effort to modernize the COPPA Rule, which implements the Children’s […]