Greetings from Portsmouth, New Hampshire!

As expected, this week was a maelstrom for U.S. privacy law, both at the state and federal level. But more on that in a moment.

The Federal Trade Commission made waves this week with a record-breaking privacy settlement with social networking app Musical.ly (now called TikTok). The $5.7 million settlement is, to date, the largest ever fine for a Children's Online Privacy Protection Act violation, surpassing a December 2018 agreement between the New York Attorney General's office and Oath. In his Privacy Tracker analysis this week, IAPP Westin Fellow Mitchell Noordyke points out a notable nugget in a corresponding joint statement by the FTC's two Democrat commissioners. They both suggest that the agency "may investigate individual corporate officers in future cases of egregious conduct." Of course, there's nothing binding in this statement, but perhaps this plants a seed for future investigations. This is at least the second time within the last calendar year that charging corporate officers for privacy violations has been floated in Washington. To wit: Oregon Sen. Ron Wyden proposed privacy legislation in recent months that would put criminal liability on executives. Though far from a reality, it's worth keeping an eye on.

Mitch also tracked a Washington state hearing on its proposed privacy law, the Washington Privacy Act (we're hoping to get traction on WaPA — what do you think? Any takers?). We're hearing rumors this law has traction and could well pass sometime in the next month or so. No promises, but this is an area to watch closely, especially since this law borrows some terminology from the EU General Data Protection Regulation. Mass. Gov. Charlie Baker also signed a new bill into law this week requiring organizations that hold consumer data to provide free credit-monitoring services in the event of a data breach. 

California was also busy this week. We hosted the CCPA Comprehensive in Fremont, and though I was not there, by all accounts, the room was packed, the content was practical, and the event was a success. If you were there, we'd love to hear your feedback. Thanks to all of you who attended. The very next day, Tuesday, California Attorney General Xavier Becerra and state Sen. Hannah-Beth Jackson announced a proposed amendment to the CCPA, which would, among other things, introduce a private right of action to residents. Privacy advocates, including the ACLU, expressed support this week for AB 1760 — aka "Privacy for All" — in an attempt to further strengthen the CCPA.

No doubt, there's lots to look out for as more amendments are proposed before the CCPA goes into effect next year. 

But this is all just the tip of the iceberg. Angelique Carson spent the week scurrying all over Capitol Hill to report on the latest House and Senate hearings on a federal privacy bill. She was present for both hearings and provided detailed recaps for The Privacy Advisor. Be sure to check them out below.