During a Board Meeting on July 24, 2025, the California Privacy Protection Agency (CPPA) unanimously approved the long-awaited final text of its second rulemaking package, implementing a broad swath of new requirements...more
8/1/2025
/ Audits ,
Automated Decision Systems (ADS) ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Final Rules ,
New Rules ,
Risk Assessment ,
State Privacy Laws
California Assembly Bill 2013 (AB 2013), known as the Generative Artificial Intelligence: Training Data Transparency Act, was signed into law on September 28, 2024, and is set to take effect on January 1, 2026. ...more
6/11/2025
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Copyright ,
Data Collection ,
Data Privacy ,
Disclosure Requirements ,
New Legislation ,
Regulatory Requirements ,
Software Developers ,
Technology Sector ,
Trade Secrets ,
Transparency
The artificial intelligence (AI) landscape is evolving at a dizzying pace. Just as organizations were adapting to generative AI and its capabilities for creating content, a new paradigm has emerged. ...more
One hundred days into the new administration, recent developments across multiple US federal agencies reflect a quickly evolving approach to digital governance, with notable shifts in regulatory priorities related to AI, data...more
Life sciences companies have long been outside the scope of US national security regulations and benefited from significant exemptions under US privacy laws. ...more
4/15/2025
/ CFIUS ,
China ,
Clinical Trials ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Department of Justice (DOJ) ,
Foreign Investment ,
Life Sciences ,
National Security ,
Personal Data ,
Regulatory Requirements ,
Sensitive Personal Information
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
4/7/2025
/ China ,
Corporate Counsel ,
Cuba ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Security ,
Department of Justice (DOJ) ,
Foreign Investment ,
International Data Transfers ,
Iran ,
New Rules ,
North Korea ,
Personal Data ,
Personal Information ,
Regulatory Requirements ,
Russia ,
Sensitive Personal Information ,
Third-Party Risk ,
Third-Party Service Provider ,
Venezuela
The Trump Administration has not slowed down in its rollout of wide-sweeping technology policy changes with potentially significant impacts to be felt throughout the country and around the globe...more
It would be an understatement to say that the Trump administration has had a busy first week. Within just a few hours of the new administration coming into power, it repealed a number of Biden-era executive orders across a...more
On January 16, 2025, the Federal Trade Commission finalized changes to the Children's Online Privacy Protection Act (COPPA) Rule. ...more
1/31/2025
/ Amended Rules ,
Consent ,
Consumer Privacy Rights ,
COPPA ,
Data Privacy ,
Data Protection ,
Data Retention ,
EdTech ,
Federal Trade Commission (FTC) ,
Online Platforms ,
Online Safety for Children ,
Parental Consent ,
Privacy Laws ,
Websites
On December 27, 2024, the US Department of Justice (DOJ) issued a final rule establishing a new national security program to prevent access to Americans’ bulk sensitive personal data and government-related data by China...more
Over the past decade, the hospitality industry has rapidly adopted intensive technologies to meet the rising expectations of guests, personalize each guest’s experience, and cultivate and enhance customer loyalty. Access to...more
9/25/2024
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Security ,
Data-Sharing ,
Hospitality Industry ,
Hotel Management Agreements ,
Hotels ,
Notice Requirements ,
Opt-Outs ,
Personal Data
Since the passing of the California Consumer Privacy Act (CCPA) in 2018, California has led the nation in privacy regulation and enforcement. But, beginning July 1, 2024, Texas will be the new sheriff in town....more
On March 31, 2024, the Washington My Health My Data Act (MHMDA), a comprehensive consumer health privacy law, will come into force. Small businesses – defined as those processing consumer health data of fewer than 100,000...more
3/29/2024
/ Advertising ,
Consent ,
Consumer Privacy Rights ,
Data Privacy ,
Exemptions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Notice Requirements ,
Patient Privacy Rights ,
Personal Data ,
PHI ,
Popular ,
Small Business ,
State Privacy Laws ,
Wellness Programs
Generative AI (GenAI) surged to the forefront of corporate agendas and public policy debates last year, promising to boost productivity and innovation. What’s in store for AI in 2024?...more
1/17/2024
/ Artificial Intelligence ,
Authors ,
Authorship ,
Copyright ,
Copyright Infringement ,
Data Privacy ,
EU ,
General Data Protection Regulation (GDPR) ,
Innovative Technology ,
Inventors ,
Investors ,
IP License ,
Machine Learning ,
Patents ,
Pharmaceutical Industry ,
Popular ,
Privacy Concerns ,
Regulatory Oversight ,
Software ,
Technology Sector
On July 10, 2023, the European Commission adopted an adequacy decision for the new EU-US Data Privacy Framework (“DPF”), the revamped transatlantic framework designed to support transfers of personal data from the EU to...more
7/19/2023
/ Adequacy Requirement ,
Binding Corporate Rules ,
Certification Requirements ,
Data Privacy ,
EU ,
Executive Orders ,
Framework Agreement ,
International Data Transfers ,
Personal Data ,
Privacy Framework ,
Standard Contractual Clauses ,
Switzerland ,
UK
Generative AI models access vast pools of information from a wide variety of sources, including information users add in prompts. This can include private or sensitive information, which may be used without consent and may be...more
The metaverse will bring many benefits, but it is also likely to multiply and compound privacy issues, particularly given its global nature.
With the advent of the commercial internet in the 1990s, organizations were...more
10/19/2022
/ Artificial Intelligence ,
Augmented Reality ,
Biometric Information ,
Blockchain ,
Data Collection ,
Data Privacy ,
Data-Sharing ,
Internet ,
Metaverse ,
Personal Data ,
Popular ,
Privacy Concerns ,
State Privacy Laws ,
Tracking Systems ,
Virtual Reality
On October 7, 2022, President Biden signed an Executive Order on “Enhancing Safeguards for United States Signals Intelligence Activities,” establishing new privacy safeguards and oversight mechanisms for foreign intelligence...more
10/10/2022
/ Administrative Review Board ,
Biden Administration ,
Civil Liberties ,
Court of Justice of the European Union (CJEU) ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
Executive Orders ,
Foreign Intellgence ,
International Data Transfers ,
National Intelligence Agencies ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
Surveillance