BBB National Programs Blog

Every day, teens download apps for free on the Google Play and Apple App Stores and, in doing so, participate in a hidden advertising ecosystem that collects data from them. In-app purchase options and behavioral advertising further complicate things. Though these monetization models have caused the mobile app economy to flourish, they sometimes come at the cost of user privacy.

While the AADC injunction is not the final word on the constitutionality of California’s approach to regulating online harms, the injunction—and the reasoning that underlies the district court’s decision—raises important questions and creates an entry point to establish a robust minimum bar of protections for teens.

Employing AI in the recruiting and hiring process voluntarily, under the auspices of independent industry self-regulation, is often far preferable to being forced to do so under a regime of top-down government regulation.

Pop culture powerhouse Barbie teaches us that corporations can have a long-lasting impact on children and teens, and the FTC seems to agree, adopting an aggressive stance on children’s and teen privacy in the last few months. We break down what this means for companies in looking to engage a child or teen audience.

The NTIA recently issued a request for comment to gather stakeholder feedback on AI accountability measures and policies to assist in the crafting of a report on AI accountability policy and the AI assurance regime. Nearly 200 organizations responded and we pulled a diverse, representative sample of the responses to summarize stakeholder feedback on this important question.

The FTC and HHS sent a warning letter to nearly 130 hospitals and health systems cautioning them about their data privacy and security practices. Notably, these are entities that comply with HIPAA. Aren’t companies in compliance with HIPAA already covering their consumer data privacy bases? Not completely.

The NTIA’s recent request for comment focuses on a lesser documented angle in the public discourse: the role of soft law mechanisms to supplement the enforcement objectives of federal agencies. These accountability mechanisms – including compliance certifications, audits, and third-party verification practices – can serve as a policy solution to further the goals of the White House’s national strategy on AI.

Substantiating product claims is required by law and may help brands avoid an inquiry from the FTC or other regulatory bodies. The founders of The Benchmarking Company, a consumer research firm for the beauty and personal care industries, interviewed NAD attorney Jennifer Santos to uncover what every brand should know about NAD.

This piece includes a list of routine examples of consumer health information, that, at face value may have one level of risk. But, depending on the context and the risk associated with the use of that data, and whether it is combined with other data sources and data elements or made available in the public domain, it could lend itself to differing levels of regulation and enforcement activity.

While momentum continues to build around what a regulated consumer health privacy landscape looks like, the environment remains shrouded in shades of gray. To date, a risk-based approach to consumer health data does not exist, but we believe a sliding scale for the risks carried by consumer health data should.