Johanna Skrzypczyk – Page 2 – Debevoise Data Blog

Artificial Intelligence

FTC Proposed Rulemaking Part 4 — Reducing Risks Associated with Artificial Intelligence

By: Avi Gesser, Erez Liebermann, Paul D. Rubin, Johanna Skrzypczyk, Anna Gressel, Michael R. Roberts, Melissa Muse and Melissa Runsten September 29, 2022

As we wrote in previous posts, on August 11, 2022, the Federal Trade Commission (the “FTC”) announced its Advance Notice of Proposed Rulemaking (the “ANPR”) seeking public comment on 95 questions focused on harms…

Privacy

California’s Age-Appropriate Design Code Act Expands Businesses’ Privacy Obligations Regarding Minors

By: Avi Gesser, Johanna Skrzypczyk, Michael R. Roberts, Michael Bloom, Martha Hirst and Alessandra G. Masciandaro September 19, 2022

On September 15, 2022, California Governor Gavin Newsom signed into law the bipartisan AB 2273, known as the California Age-Appropriate Design Code Act (“California Design Code”). The California Design Code…

CCPA

CCPA Enforcement Actions Take Aim at Sales of Personal Information

By: Avi Gesser, Johanna Skrzypczyk and Michael R. Roberts September 14, 2022

On August 24, 2022, the California Attorney General announced updates to its California Consumer Privacy Act’s (“CCPA”) enforcement case examples. A large number of the examples focused on compliance with…

CCPA

CCPA Will Cover Employee and B2B Data — Amendments Fail to Pass

By: Avi Gesser, Tricia Bozyk Sherno, Johanna Skrzypczyk and Michael R. Roberts September 2, 2022

On August 31, 2022, the legislative session in California came to a close without any amendments that would further extend—or make permanent—existing limited exemptions under the California Consumer Privacy Act…

FTC

The FTC’s Proposed Rulemaking Part 3 — Key Data Security Takeaways

By: Avi Gesser, Erez Liebermann, Paul D. Rubin, Johanna Skrzypczyk, Michael R. Roberts, Melissa Runsten, Anna Gressel and Melissa Muse August 29, 2022

As we noted in previous posts, on August 11, 2022, the Federal Trade Commission (“FTC”) announced its Advance Notice of Proposed Rulemaking (“ANPR”) seeking public comment on 95 questions focused…

FTC

The FTC’s Proposed Rulemaking Part 2 — Key Privacy Takeaways

By: Avi Gesser, Erez Liebermann, Paul D. Rubin, Johanna Skrzypczyk, Michael R. Roberts, Melissa Runsten, Anna Gressel and Melissa Muse August 24, 2022

On August 11, 2022, the Federal Trade Commission (the “FTC”) announced its Advance Notice of Proposed Rulemaking (the “ANPR”) seeking public comment on 95 questions focused on harms stemming from…

Automated Decision Making

Unpacking the FTC’s 95 Questions for Commercial Surveillance and Data Security Rulemaking (Part 1)

By: Avi Gesser, Erez Liebermann, Paul D. Rubin, Johanna Skrzypczyk, Michael R. Roberts, Melissa Runsten, Anna Gressel and Melissa Muse August 22, 2022

On August 11, 2022, the Federal Trade Commission (“FTC”) announced its Advance Notice of Proposed Rulemaking (“ANPR”) seeking public comment on 95 questions focused on purported harms stemming from “commercial…

CCPA

CPRA Rulemaking Is Underway – Getting Ahead of Enforcement Risks

By: Avi Gesser, David Sarratt, Christopher S. Ford, Johanna Skrzypczyk, Michael R. Roberts and HJ Brehmer July 28, 2022

On July 8, 2022, the California Privacy Protection Agency (the “Agency”) issued a Notice of Proposed Rulemaking, kicking off a forty-five day comment period for proposed updates to the California…

Artificial Intelligence

What the ADPPA Means for U.S. Data Regulation

By: Avi Gesser, Paul D. Rubin, Johanna Skrzypczyk, Alessandra G. Masciandaro and Michael R. Roberts July 12, 2022

On June 21, 2022, the House Energy and Commerce Committee formally introduced a new federal privacy bill: the American Data Privacy and Protection Act (“ADPPA”). Notably, the ADPPA has diverse…

Banking

36-Hour Breach Notification for Banks Is Here

By: Avi Gesser, Johanna Skrzypczyk, Michael R. Roberts, Courtney Bradford Pike and Andres Gutierrez May 31, 2022

On May 25, 2022, the Review of Banking & Financial Services published an article on the recently-issued banking agencies’ Final Rule on Computer-Security Incident Notification Requirements for Banking Organizations and…