On February 11, 2026, California Attorney General Rob Bonta announced a $2.75 million settlement with The Walt Disney Company (“Disney”), the largest civil penalty to date under the California Consumer Privacy Act as amended by the California Privacy Rights Act
The California Privacy Protection Agency (CPPA) just issued its second enforcement action under the CCPA and the message is clear: the CPPA is looking at your digital properties and tallying up the violations. Your website is more than a marketing
Even if your business only sells goods or services in the U.S., your business may be a “data broker” under the new bulk data regulations, according to an April 11, 2025 Compliance Guide issued by the U.S. Department of Justice
In addition to NT Analyzer recently adding API mapping to its complement of services, we have also incorporated JavaScript file analysis targeting those JavaScript files that are downloaded to a user’s browser from third-party remote hosts while navigating a company’s
This month, we have added “API mapping” and “JavaScript file analysis” as core components of the NT Analyzer tool suite. This post explains what API Mapping is and how the feature provides critical insights regarding the transmission and processing of
On January 16, 2025, the Federal Trade Commission (FTC) announced significant amendments to the Children’s Online Privacy Protection Act (COPPA) Rule after a comprehensive review that began in 2019. This marks the first major update since 2013 and represents a
Keeping track of where all the data is going can be devilishly difficult for companies, given the increasingly data-centric economy, massive changes in browser/mobile platforms, and the necessary use of a variety of
The privacy area has been white-hot lately, including litigation and investigations involving VPPA; Wiretap/Pen Register/Trap and Trace; and Opt Out Compliance. Furthermore, with the HHS updates on tracking in the HIPAA context, and
On March 18, 2024, the US Department of Health and Human Services (HHS) issued an updated, 17-page Bulletin titled “Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates (the Bulletin). Our readers may recall that HHS had
Google’s Data Safety Forms must be submitted by July 20, 2022. According to Google, failing to post by July 20, 2022 can result in the rejection of new Google Play app submissions.
After July 20,200, non-compliant apps could face removal