The FDA recently issued new guidance that allows institutional review boards (IRBs) to waive or alter the FDA’s informed consent requirements for certain minimal risk clinical investigations without objection from the FDA.
The statutory basis for the guidance comes from amendments made by the 21st Century Cures Act from late in 2016 (P.L 144-255). This guidance, which took effect on July 25, 2017, is the first step for the FDA on this issue. The FDA intends to implement subsequent regulations to permit IRB waiver or alterations of informed consent requirements for minimal risk clinical investigations.
Continue reading “New FDA Guidance on Waiver of Informed Consent for Minimal Risk Investigations”
The Federal Trade Commission (FTC) has updated its guidance applicable to the Children’s Online Privacy Protection Act (COPPA) to reflect developments in the digital advertising ecosystem and a burgeoning Internet of Things marketplace. The Guidance revises its six-step compliance plan to keep current with developing technology.
The Guidance, which had existed in substantially the same form since 2015, contains three new updates relating to new methods for obtaining parental consent, new products covered by COPPA, and new business models.
Continue reading “FTC Updates COPPA Guidance to Approve New Parental Consent Methods; Clarify Obligations for Sites not Primarily Targeting Children”
The New Jersey “Personal Information and Privacy Protection Act” was signed into law on July 21, 2017 by Governor Chris Christie and will be effective November 1, 2017.
The law restricts the way retail establishments may collect and use the personal information contained in the electronic data embedded in identification cards, such as driver’s licenses. The law responds to concerns raised by reports related to how businesses use and store personal information obtained from scanned driver’s licenses.
Continue reading “New Jersey Enacts Personal Information and Privacy Protection Act”
Nevada recently joined California as the second state to require that operators of websites and online services post public notices outlining their privacy practices. The Nevada law, which went into effect on July 1, requires that the posted notice on the website or online service do the following:
- Identify the categories of “covered information” collected through the site.
- Describe the process for consumers to review and request changes to the covered information collected through the site.
- Describe the process by which the operator notifies consumers of material changes to the notice.
- Disclose whether third parties may collect information about a consumer’s online activities over time and across different websites when the consumer uses the site.
- List an effective date.
Continue reading “New Nevada Law Mandates Posting of Privacy Practices”
The amendments to Japan’s Act on the Protection of Personal Information went into effect on May 30, 2017. The amendments provide clarity on what types of personal information will be regulated and steps operators need to take to be in compliance.
The Act, Generally
Formulated “to protect an individual’s right and interests while considering the utility of personal information,” the Act (1) sets forth the overall vision and policy regarding the proper handling and protection of personal information, (2) clarifies the responsibilities and obligations of the central and local governments in the protection of personal information, and (3) ensures that the proper application of personal information contributes to the creation of new industries, the realization of a vibrant economic society, and an enriched quality of life for the people of Japan.
Continue reading “Japan’s Protection of Personal Information Amendments Go into Effect”