More from the AG:

• Companies have the option to use a blue Privacy Options icon, developed by Carnegie Mellon University and the University of Michigan, that guides consumers to where they can opt out of having their personal data collected and sold.
• The initial regulations implementing the CCPA went into effect on Aug. 14, 2020, but some rules were withdrawn to clarify required processes for businesses; the state's Office of Administrative Law approved the changes this month.
• “These protections ensure that consumers will not be confused or misled when seeking to exercise their data privacy rights," Becerra said.

More:

• A German court recently vacated a $17.2M fine against Deutsche Wohnen, arguing that the company could not be held responsible for violating GDPR unless fault could be attached to a specific individual or executive.
• Vodafone Spain was recently fined €8.15M ($9.71M) for 191 data processing and consent practice violations over a two-year period. 
• Ticketmaster, Marriott, and British Airways were all fined for GDPR violations that occurred during the U.K. lockdown in response to the COVID-19 pandemic.

More:

• The testing is being carried out under the Investigatory Powers Act 2016, which provides a framework for the use of investigatory powers by law enforcement and intelligence agencies.
• Among other things, the law provides for the retention of internet connection records (ICRs) that detail what individuals do online.
• Civil liberties groups warn that there is little transparency about the surveillance tool and the law's implementation.

More:

• The Uniform Law Commission was established in 1892 to provide states with non-partisan legislation in areas of the law where uniformity would be beneficial.
• A uniform state model offers an alternative to a federal privacy law in providing a unified legal framework in the area of privacy.
• The ULC has succeeded in convincing all states to adopt its Uniform Commercial Code.
• The CUPID Act is currently in draft form and is expected to be ready in the summer of 2021.

More:

• Apple's AirTags is a Bluetooth tracking device intended to be attached to computers, phones, keys, wallets, and other objects so they can be located using the Find My app.
• However, domestic abuse advocates are concerned that the AirTags could be exploited by abusive domestic partners.
• Benjamin Mayo, an iOS developer, tweeted that the iOS beta includes Item Safety, which notifies users about any unauthorized use of AirTags.

More:

• Earlier this month, Google announced it would be phasing out third-party tracking cookies on Chrome and was working on a Privacy Sandbox to protect privacy while providing results for advertisers and publishers
• The AGs' complaint alleges that Google uses its market power in search, streaming video, and other markets to stamp out other ad platforms, forcing small firms and media to use its system.
• The complaint states that Google "does not actually care about privacy," but wants to insert itself "in the middle of publishers' business relationships with non-Google advertising companies."

More:

• The Upturn study found that 2,000 U.S. state and local law enforcement agencies have purchased these forensic tools and have performed hundreds of thousands of "cellphone extractions" since 2015, often without a warrant.
• Cellebrite boasts it can "determine locks and perform a full file system extraction of all iPhone devices from iPhone 4S to the latest iPhone 11/11 Pro/Max running the latest iOS versions" up to 13.4.1.
• In addition, the company claims it can "bypass or determine locks and perform a physical extraction (full-disk encryption) or full file system extraction (file-based encryption) on most Android devices on the market."
• Yet, FBI Director Christoper Wray complained in Senate testimony this month that device encryption limits law enforcement's ability to "bring perpetrators to justice."

• Social platform privacy updates: TikTok announced that starting April 15, users will not be able to opt out of personalized ads; Clubhouse is ending its policy of requiring access to contact lists before letting a user invite friends to an audio chat. 
• Sky Global Jean-Francois Eap, who was recently indicted by the U.S. Department of Justice (DoJ) for providing encrypted chat services to cybercriminals, argues that the DoJ is retaliating against him for taking a stand against "unwarranted surveillance."
• The American Civil Liberties Union and the Electronic Frontier Foundation are calling for limits on data collection by government-run license plate readers.