What privacy issues are on deck for 2023? Here are some of the most interesting ones (Part One)

2022 was a remarkable year for privacy. Utah and Connecticut enacted new privacy laws. California and Colorado launched detailed (and continuing) privacy rulemakings. Congress proposed a landmark bipartisan, bicameral federal privacy bill (the American Data Privacy and Protection Act, or ADPPA). And the FTC initiated a sweeping privacy rulemaking under its Section 18 (Mag-Moss) rulemaking authority.

As if that weren’t enough, the US and EU announced a new Transatlantic Data Transfer Framework. We saw aggressive enforcement of UDAP and privacy laws at the federal and state levels. California passed an Age Appropriate Design Code (similar to the UK’s), while Congress proposed multiple kids’ privacy bills. And, amidst all of this, ​“dark patterns” and ​“surveillance” shot to the top of the privacy lexicon.

2023 promises to be just as active, with further twists and turns on all of the above. Notably, the five new state privacy laws we’ve all been awaiting and planning for will take effect at various points in 2023. Further, other states may join the fray, enacting their own laws. If 2022 was the year that regulators and companies spent positioning themselves on the field, 2023 will be the year the balls start flying.

We’ll be blogging on all of this in 2023 but, for now, we want to highlight some issues we’re watching with particular interest.