Insights
Search Results
Alerts
2.27.26
FTC Promotes Age Verification in Children’s Privacy Enforcement Statement
On February 25, 2026, the Federal Trade Commission (FTC) issued an enforcement statement to promote the use of age verification technologies on the heels of its January 28 workshop on the topic. The workshop explored issues related to age verification and how these innovative tools could be used in furtherance of child safety without creating liability under the Children’s Online Privacy Protection Act (COPPA) and its implementing rule (the COPPA Rule).
Alerts
1.06.26
2026 Year in Preview: U.S. Data, Privacy, and Cybersecurity Predictions
As we ring in the new year, we want to make you aware of key issues that we expect lawmakers and regulators to focus on this year. Below are the top U.S. data, privacy, and cybersecurity issues to watch out for in 2026:
Alerts
1.05.26
2026 Year in Preview: Global Minors’ Privacy and Online Safety Predictions
In 2025, lawmakers and enforcement agencies around the globe have kept one issue firmly in the spotlight: the privacy and safety of minors online. This heightened focus shows no sign of abating, with early indications that companies should expect to see more legislative and regulatory initiatives in the year ahead.
Alerts
11.13.25
EdTech Provider Agrees to $5.1 Million Settlement with Three State Attorneys General over Student Data Breach
On November 6, 2025, the California, Connecticut, and New York Attorneys General (collectively, the “Attorneys General”) announced a settlement with Illuminate Education, Inc. to resolve allegations that the company violated state privacy laws following a student data breach. The settlement marks the first enforcement actions under the California K-12 Pupil Online Personal Information Protection Act (KOPIPA, formerly known as SOPIPA) and Connecticut’s Student Data Privacy Law, and also constitutes the second major enforcement action under New York Education Law § 2-d.
Alerts
2.13.25
FTC Appoints New Bureau Directors: What to Expect from Directors Christopher Mufarrige and Daniel Guarnera
Federal Trade Commission (FTC) Chairman Andrew Ferguson has made two significant management decisions that will impact the trajectory of his enforcement agenda. On February 10, 2025, Chairman Ferguson appointed directors for both the Bureau of Consumer Protection (BCP) and the Bureau of Competition (BC). Christopher Mufarrige was appointed as the Director of BCP and Daniel Guarnera as the Director of BC. Both were unanimously confirmed by the FTC Commissioners.
Alerts
2.05.25
Consumer Protection Update: With Disruption at the Federal Level, State Attorneys General Are Likely to Loom Large
We are less than a month into the new Trump administration and are seeing an unprecedented wave of activity and major changes at federal agencies. These changes promise to bring significant disruption to the staff and negatively impact the typical activities of numerous agencies, including the nation’s consumer protection watchdog, the Federal Trade Commission (FTC). As discussed below, we expect the impact on the FTC to be significant given the rapid and aggressive moves by the new administration. And we expect state Attorneys General (AGs) to step in to fill the gap.
Alerts
1.29.25
New Federal Children's Privacy Requirements Are Not Child's Play: FTC Amends COPPA Rule, Imposing New Obligations on Child-Directed Services
Companies that may have child users, or whose competitors have child users, take note. On January 16, 2025, the Federal Trade Commission (FTC) announced the final amendments to the Children’s Online Privacy Protection Rule (COPPA Rule). At a high level, the COPPA Rule requires websites or online services to provide notice and obtain verifiable parental consent before collecting information from children under the age of 13. The Rule’s amendments slightly expand the Rule’s scope, change the previous notice and consent provisions, and implement new data security requirements. Violations of the Rule would be subject to $53,088 in civil penalties per violation.
Alerts
1.07.25
New Year, New Developments: 2025 U.S. Privacy, Cybersecurity, and Consumer Protection Predictions
With Inauguration Day just around the corner, we are likely to see a host of new legislative and enforcement initiatives at the federal level. The Federal Trade Commission (FTC) will shift certain priorities under incoming Chairman Andrew Ferguson’s direction. And at the state level, legislatures and state attorneys general (state AGs) will continue to be active, enacting and enforcing a slate of new laws. As we ring in the new year, companies should be mindful of the new laws, regulations, and enforcement priorities that will likely impact them. Below are the top 10 U.S. privacy, cybersecurity, and consumer protection developments to watch out for in 2025:
Alerts
10.17.24
Subscription and Auto-Renew Offerings Face New Hurdles: FTC Issues Broad “Click-to-Cancel” Rule Imposing Nationwide Requirements
Companies that automatically renew customers’ subscriptions or memberships, take note. On October 16, 2024, the Federal Trade Commission (FTC) announced sweeping amendments to the Negative Option Rule, which would apply to a host of subscription-based products and services that have an auto-renewal feature (i.e., a negative option offering), including those directed to businesses. The Rule includes specific and prescriptive requirements, such as requirements to 1) obtain consumers’ affirmative consent to an auto renewal feature “separate from any other portion of the transaction,” 2) present all material terms of the transaction “immediately adjacent to” the means of recording consumer consent, and 3) allow for simple cancellation in the same medium the consumer used to consent, noting that a chatbot cancellation method would not be acceptable unless the initial transaction was made through a chatbot. Violations of the Rule would be subject to $51,744 in civil penalties per violation.
Alerts
10.07.24
Maryland Age-Appropriate Design Code Effective October 1, 2024
On October 1, 2024, the Maryland Age-Appropriate Design Code (Maryland AADC) became effective. The Maryland AADC introduces onerous new compliance requirements on companies that are reasonably likely to be accessed by minors under the age of 18.
Newsletters
10.03.24
Focus on Fintech – Q2 2024
In the latest edition, our attorneys discuss updates and developments from federal regulators, including those related to cryptocurrencies, cybersecurity in financial markets, and the intersection of fintech and AI. They also discuss rulemakings and proposals from the SEC, the CFTC, and FinCEN, and examine a federal appellate court’s recent decision to vacate SEC rules governing private fund advisers. Finally, they conclude with a survey of consumer protection developments, which discusses recent policy initiatives from the CFPB, and a novel payments law passed by the Illinois legislature.
Alerts
7.08.24
"Chevron is overruled": How Loper Bright Will Change the Regulatory Law Landscape
In a decision with far-ranging implications for federal administrative law, the United States Supreme Court issued its long-awaited ruling in Loper Bright Enterprises v. Raimondo (Loper Bright).1 The Supreme Court’s six-Justice majority held that the Administrative Procedure Act (APA) requires courts interpreting agency regulations to determine independently whether the agencies have acted within their statutory authority, even where the statute at issue is ambiguous. In so holding, the Court overruled its 1984 decision in Chevron USA v. Natural Resources Defense Council, which for the last four decades had governed thousands of cases involving federal agency interpretations of ambiguous laws.