Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Bridging the Gap: How CivicReach is Revolutionizing Government Customer Service
The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
"Monsters Inc." y el tratamiento de los datos
The American Privacy Right Act (APRA) explained
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
Navigating State Privacy Laws
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Are You Ready to Comply With New State Data Privacy Laws?
Embracing Data Privacy to Drive Business Growth: On Record PR
Data Dividend: What is Personal Data Worth?
In an increasingly data-driven digital landscape, businesses are constantly seeking tools to better understand and optimize user experiences. One such tool is session replay—a powerful technology that allows organizations to...more
Nebraska AG Mike Hilgers sued General Motors LLC and its subsidiary OnStar LLC (collectively, “GM”) over allegations that GM misled vehicle purchasers into enrolling in programs that collected and shared their driving data...more
Utah AG Derek Brown and the Utah Division of Consumer Protection jointly sued Snap, Inc., the parent company of Snapchat, facilitating child sexual exploitation and sextortion through its design features and recommendation...more
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
On July 1, 2025, California Attorney General Rob Bonta announced a settlement with Healthline Media LLC stemming from alleged violations of the state’s consumer privacy law, the California Consumer Privacy Act (CCPA)....more
Five new state privacy laws took effect in January 2025—Delaware (DPDPA), Iowa (ICDPA), Nebraska (NDPA), New Hampshire (NHPA), and New Jersey (NJDPA)—adding to the compliance maze for businesses operating across state lines....more
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
A bipartisan coalition of 28 AGs have filed a lawsuit against 23andMe Holding Co. and 23andMe, Inc. (collectively “23andMe”) to protect human genetic data collected by the company from being sold without consumers’ consent as...more
As FTC Chair Andrew Ferguson establishes his enforcement priorities, his positions on data categorization and surveillance pricing reveal a consistent philosophy that balances privacy protection with innovation. This is the...more
The attorneys general in Arkansas and Indiana are the most recent AGs to file lawsuits under their respective state laws protecting the privacy of driver data. We previously reported that the state of Texas filed a similar...more
A pair of recent enforcement actions by the California Privacy Protection Agency (CPPA) unveiled the agency’s latest enforcement priorities for business-to-consumer companies. In March 2025, the CPPA announced a settlement...more
Readers may recall prior pieces in which we discussed a pair of law firms responsible for bringing California Invasion of Privacy Act (“CIPA”) arbitration demands against online businesses. These CIPA arbitration demands...more
On May 1, 2025, the California Privacy Protection Agency (CPPA) issued a final order against clothing retailer, Todd Snyder, for violations of the California Consumer Privacy Act (CCPA). The enforcement action targeted the...more
The California Privacy Protection Agency (CPPA) has intensified its enforcement activities in 2025, bringing enforcement actions under both the California Consumer Privacy Act (CCPA) and the California Delete Act in the last...more
Regulations matter, but until they’re enforced, they’re all just so many words (so, so many words) on paper. Businesses know that what really counts is whether, how, where, and when regulators enforce the law....more
While Andrew Ferguson advocates for a restrained regulatory approach at the FTC, his statements and voting record reveal clear priority areas where businesses can expect continued vigorous enforcement. Two areas stand out in...more
In a significant enforcement move, California’s consumer privacy regulator just ordered a national clothing retailer to pay a $345,178 fine to resolve alleged violations of the state’s privacy law. The California Privacy...more
On May 9, 2025, the Texas Attorney General Ken Paxton announced a $1.375 billion settlement with Google—by far the largest state-level privacy settlement reached against Google to date. The settlement resolves lawsuits filed...more
The California Privacy Protection Agency (CPPA) recently fined clothing retailer Todd Snyder almost $350,000 for two types of consumer privacy errors. Due to technical errors during a 40-day period, it was impossible for Todd...more
On May 6, the California Privacy Protection Agency (CPPA) announced a settlement with Todd Snyder, Inc. over allegations that the men’s retail brand violated CCPA rules on submission and fulfillment of privacy rights...more
The California Privacy Protection Agency (“CPPA”) has made it abundantly clear: privacy compliance isn’t just about publishing the right disclosures – it’s about whether your systems actually work. On May 6, the agency fined...more
Businesses are constantly seeking innovative ways to improve their customers’ experiences. Originally published in Law360 - February 10, 2025....more
State enforcement agencies are keeping the pressure on businesses, with two new enforcement actions announced this week in California and Texas. This activity signals to companies – both within and outside of the United...more
While uncertainty continued to loom over the CFPB, the states did not take a spring break. Instead, we saw an eye-popping settlement from NY DFS involving BSA/AML claims. And both republican and democratic AGs continued to...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more