Chelsea Rissmiller

U.S.: CalPrivacy Continues Enforcement Momentum: Settlement Over Opt-Out of Sale/Sharing Violations

By Andrew Serwin & Chelsea Rissmiller on March 17, 2026

On March 5, 2026, the California Privacy Protection Agency (CalPrivacy or the Agency) announced a $375,703 settlement with Ford Motor Company (Ford), stemming from its long-running investigation into the privacy practices of connected vehicle manufacturers, an inquiry the Agency has been pursuing since 2023.

The Ford matter was announced just days after CalPrivacy’s settlement with…

US: CCPA and California Privacy Protection Agency Updates: 2024 to Date

By Kate Lucente, Chelsea Rissmiller & Brandon Weinreb on April 24, 2024

Posted in Uncategorized

On April 2, 2024, the CPPA Enforcement Division issued its inaugural advisory, emphasizing the importance of data minimization. (Read more about

US CIRCIA Update: CISA Proposed Regulations Released

By John Gevertz & Chelsea Rissmiller on April 15, 2024

Posted in Cyber security

This month, the Department of Homeland Security (“DHS”) Cybersecurity and Infrastructure Security Agency (“CISA”) released its long-awaited proposed draft regulations pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA” or the “Act”).

The Act was enacted on March 15, 2022, following several significant and disruptive cyberattacks on critical infrastructure in the…

US: New Hampshire Enacts 15th Comprehensive State Privacy Law

By Kate Lucente, Chelsea Rissmiller, Matt Danaher & Wendy Novotne on April 12, 2024

Posted in New laws

On March 6, 2024, the New Hampshire Governor signed into law Senate Bill 255 (the “NH Act”), making New Hampshire the 15^th state to adopt a comprehensive state privacy law. The NH Act will take effect January 1, 2025. This post explores how the NH Act stacks up against the other comprehensive state privacy…