Get these and other stories in real time when you subscribe to the Ad Law Access blog here or visit the Advertising and Privacy Law Resource Center here.

NAD Addresses Green Claims About Current Practice and Future Goals

As more companies develop Environmental, Social, and Governance (“ESG”) goals and advertise their progress towards those goals, we’re starting to see more challenges to those ads. Most of the challenges come from plaintiffs’ attorneys or competitors, but today’s post is about an inquiry that NAD initiated itself into claims that Georgia-Pacific made for its Quilted Northern Ultra Soft & Strong Bathroom Tissue.

The decision covers a lot of ground. For today, though, we’ll focus on an issue that we previewed earlier this year – the distinction between claims about what a company has already done versus what it plans to do.

Out with the Old, In with the New SCCs

As of September 27, 2021, the European Commission requires controllers and processors to rely on the recently updated Standard Contractual Clauses (SCCs) for any new contracts governing personal data transfers from the EEA. (Existing contracts can continue to use old SCCs until December 27, 2022.) This post provides an overview of what’s in the new SCCs and how they compare to the old clauses they replace.

CPRA Update: California Privacy Rulemaking Process Begins

On September 22, the California Privacy Protection Agency (CPPA) issued an invitation for public comments as part of its first preliminary” rulemaking activities. Established by the California Privacy Rights Act (CPRA) ballot initiative last November, the CPPA has the authority to write rules that address some of the most technical and controversial topics addressed in the CPRA.

FTC Chair Khan Unveils Her Plans for the Agency…But Leaves a Lot Unsaid

On Wednesday, FTC Chair Lina Khan sent a memo to FTC staff and Commissioners making her Acting Bureau Directors permanent and outlining her vision and priorities for the FTC. The memo provides much-anticipated guidance to both the FTC and the public regarding the direction she will take to running the agency and fulfilling its mission. It also hints at structural changes we may see in the coming months.

What a Difference a Decade Makes: The Future of Advertising

Over the past ten years, new technologies have forced a dizzying pace of evolution in advertising and marketing. All of this change begs the question: what will the next ten years bring? How will AI eliminate inefficiencies and create new challenges? In what ways will advertising enable access to content and enable consumer purchase decisions? What role will biometric data play in accessing, personalizing, and securing products and services? And how will companies meet the expectations of post-Millennial generations?

Change to NCAA Policy Creates New Group of Influencers

This summer, the NCAA suspended its long-standing policy that restricted student-athletes from being able to generate income from their name, image, and likeness (commonly referred to as NIL”). It didn’t take brands long to take advantage of the new opportunities. In the short time since the NCAA made its announcement, a number of companies and student-athletes have announced endorsement and influencer deals. We’re likely to see a lot more as the school year kicks off.

Health and Fitness Apps and IoT Technologies Should Take Note: FTC Expands Interpretation of its Health Breach Notification Rule

In an aggressive expansion of its security and privacy enforcement programs, on September 15, 2021, the FTC issued what it characterized as a Policy Statement” reinterpreting an old rule about personal health records.

First, some background. In 2009, Congress directed the FTC to create a rule requiring companies to provide notice when there is an unauthorized acquisition of certain health information not covered by HIPAA. At the time, the FTC explained that its Health Breach Notification Rule was narrow, consistent with the text of the law, applying only to security breaches by vendors of certain health data repositories (called personal health records” or PHRs”) and certain companies that work with PHR vendors.

StubHub Agrees to Pay $9.5 Million to End Refund Investigation

Last year, we posted about how some companies had retroactively changed their refund policies after COVID-19 hit, and we noted some of the potential pitfalls associated with that strategy. Lawsuits and regulatory investigations soon followed, and many have been working their way through the system. This week, ten states and DC announced that StubHub had agreed to pay over $9.5 million in refunds to end one such investigation.

Kelley Drye attorneys and industry experts provide timely insights on legal and regulatory issues that impact your business. Our thought leaders keep you updated through advisories and articles, blogs, newsletters, podcasts and resource centers. Sign up here to receive our email communications tailored to your interests.

Follow us on LinkedIn and Twitter for the latest updates.


The Patchwork Becomes a Quilt – Understanding the Evolving Landscape of Consumer Financial Privacy and Compliance
Nacha 2021 Fall Meeting
October 6, 2021”,“Webinar
Matthew Luzadder
Laura VanDruff

Why Legal and Product Need to be Linked for Privacy & Ad Tech
IAB Tech Lab Summit: Renaissance
October 14, 2021”,“Speaking Engagement
Alysa Hutnik

Consumer Litigation Under the California Consumer Privacy Act (CCPA)
October 27, 2021”,“Webinar
Laura VanDruff
Aaron Burstein