On July 25, Missouri, Arkansas, and Iowa (the states), along with intervenors American Water Works Association and National Rural Water Association (the water associations), petitioned the Eighth Circuit to review the U.S. Environmental Protection Agency’s (EPA) new rule requiring states to review and report cybersecurity threats to their public water systems (PWS).

Continue Reading EPA Cybersecurity Rule Challenged by States and Water Systems Associations

On August 21, the U.S. Supreme Court denied a request by West Virginia Attorney General (AG) Patrick Morrisey and 26 other state AGs to participate in oral arguments in Consumer Financial Protection Bureau (CFPB) et al. v. Community Financial Services Association of America et al., which concerns whether the CFPB’s statutory authorization violates the Constitution’s Appropriations Clause. Morrissey and 26 other predominantly Republican state AGs have submitted an amicus brief arguing that it does. Morrissey is joined by the AGs for Alabama, Alaska, Arkansas, Florida, Georgia, Idaho, Indiana, Iowa, Kansas, Kentucky, Louisiana, Mississippi, Missouri, Montana, Nebraska, New Hampshire, North Dakota, Ohio, Oklahoma, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, and Wyoming.

Continue Reading Supreme Court Denies Oral Argument to Republican State AGs Who Argue That the CFPB Funding Mechanism Is Unconstitutional

This article was originally published on August 24, 2023 in Reuters and is republished here with permission.

In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach.

An incident is any “occurrence that actually or potentially jeopardizes the confidentiality, integrity or availability of an information system,” or an event that constitutes a violation of an organization’s computer security or acceptable use policies. National Institute of Standards and Technology, Minimum Security Requirements for Federal Information and Information Systems, FIPS 200, at 7 (Mar. 9, 2006) (nist.gov). A breach is an incident that imposes statutory and regulatory obligations on an affected organization when it holds or controls certain consumer information.

Continue Reading Data Protection: One of These Incidents Is Not Like the Other

On August 16, a coalition of seven state attorneys general (AG) announced a settlement with participants alleged to be involved in a “massive” robocall operation. The stipulated order, which names Scott Shapiro, Michael T. Smith, Jr., and Health Advisors of America (defendants), permanently bans Shapiro and Smith from initiating or facilitating robocalls; working in or with companies that make robocalls; and engaging in telemarketing. The settlement also requires the defendants to make monetary payments to the coalition, which is comprised of AGs from the states of Arkansas, Indiana, Michigan, North Carolina, North Dakota, Ohio, and Texas (the AGs).

Continue Reading Seven State AGs Announce Settlement With Robocallers

Massachusetts Attorney General (AG) Andrea Joy Campbell announced the creation of a new Elder Justice Unit, which will use existing resources to protect and promote the safety and well-being of elders through enforcement actions, legislative advocacy, and community engagement and education.

Continue Reading Massachusetts AG Announces Creation of New Elder Justice Unit, Appoints Experienced Health Care Prosecutor As Head

On August 18, 2023, a New York Supreme Court judge has enjoined New York cannabis regulators from further processing, approving, or investigating any new or pending applications for a state conditional adult-use retail dispensary (CAURD) license, leaving New York’s nascent adult-use cannabis market in limbo.

Continue Reading New York State Court Enjoins Licensing of Adult-Use Cannabis Dispensaries Statewide Amid Retail Cannabis Regulation Disputes

Public water utilities and 3M have until August 28 to respond to the bipartisan coalition of 22 state attorneys general (AGs) that opposes their proposed $12.5 billion class action settlement over alleged per- and polyfluoroalkyl substance (PFAS) contamination and is seeking to intervene in their litigation.

Continue Reading Plaintiffs and 3M Given August 28 Deadline to Respond to State AGs’ Opposition to $12.5B Settlement in the PFAS Multidistrict Litigation

Connecticut Attorney General (AG) William Tong, along with Illinois, New Hampshire, and Tennessee AGs, jointly authored a letter to the Federal Trade Commission (FTC) urging improved collaboration with state AGs.

Continue Reading Connecticut AG Leads Bipartisan State AG Coalition in Emphasizing the Importance of Federal-State Partnerships to Prevent Consumer Fraud

In August, District of Columbia Attorney General (AG) Brian Schwalb issued a Supplemental Business Advisory (advisory) to provide guidance and examples to restaurants for complying with their legal obligation under the District’s Consumer Protection Procedures Act (CPPA) to adequately disclose all fees, including service fees, to customers. See D.C. Code § 28-3901, et seq. The advisory clarifies that the CPPA does not prohibit restaurants from charging such fees or surcharges, but emphasizes that “these fees may violate the CPPA if they are not timely, prominently, and clearly disclosed to diners before they place their orders.”

Continue Reading District of Columbia AG Issues Supplemental Business Advisory on Restaurant Fees

On August 10, Michigan Attorney General (AG) Dana Nessel issued a press release to report the success of the new Unlicensed Builders Pretrial Diversion Program that was launched in February. AG Nessel launched the new program to promote licensing compliance, ensure restitution to victims, and efficiently resolve cases of Michigan consumer complaints of harm caused by unlicensed builders in the state.

Continue Reading Michigan AG Reports That New Program to Address Unlicensed Builders Shows Great Success