Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Bridging the Gap: How CivicReach is Revolutionizing Government Customer Service
The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
"Monsters Inc." y el tratamiento de los datos
The American Privacy Right Act (APRA) explained
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
Navigating State Privacy Laws
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Are You Ready to Comply With New State Data Privacy Laws?
Embracing Data Privacy to Drive Business Growth: On Record PR
Data Dividend: What is Personal Data Worth?
In an increasingly data-driven digital landscape, businesses are constantly seeking tools to better understand and optimize user experiences. One such tool is session replay—a powerful technology that allows organizations to...more
In Part Two of this FAQ series, we continue to break down Virginia’s Senate Bill 754, Consumer Protection Act; prohibited practices, etc., reproductive or sexual health information (Act), which amends the Virginia Consumer...more
Five new state privacy laws took effect in January 2025—Delaware (DPDPA), Iowa (ICDPA), Nebraska (NDPA), New Hampshire (NHPA), and New Jersey (NJDPA)—adding to the compliance maze for businesses operating across state lines....more
On June 2, the New Jersey Division of Consumer Affairs announced the publication of new proposed regulations to implement the New Jersey Data Privacy Act (NJDPA), N.J. Stat. §§ 56:8-166.4 et seq., which went into effect on...more
Data subject access requests (DSARs), or subject rights requests (SRRs), are evolving. Whether your organization is based out of the EU, the US, or elsewhere in the world, consumers’ awareness and expectations are...more
Businesses are constantly seeking innovative ways to improve their customers’ experiences. Originally published in Law360 - February 10, 2025....more
Whether you are swamped by a deluge of subject rights requests or just want more time to spend on strategic work, managing SRRs effectively is a highly sought-after goal — one that's seldom achieved. Between parsing...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
On March 10, the California attorney general’s office announced an “ongoing investigative sweep into the location data industry” (“investigative sweep”) for compliance with the California Consumer Privacy Act’s (“CCPA”)...more
After Washington adopted the My Health My Data Act (MHMDA) almost two years ago, we and others predicted that the law would lead to a wave of private lawsuits against companies operating in or adjacent to the health space....more
Your perspectives and perceptions towards a problem drive your approach to solving that problem. Managing data privacy challenges are no different. Therefore, to address today’s issues, it is a worthwhile exercise to review...more
As new state data privacy laws continue to emerge and existing ones evolve, businesses face increasing complexity in maintaining compliance. Our Second Annual Data Privacy Forum focuses on key state privacy laws and explores...more
On December 5, 2024, the Colorado Department of Law adopted amended rules to the Colorado Privacy Act (CPA)....more
On December 3, 2024, the Consumer Financial Protection Bureau (CFPB) published its highly anticipated notice of proposed rulemaking (NPRM) that would regulate data brokers and the sale of Americans’ personal and financial...more
The California Privacy Protection Agency (CPPA) Board met on November 8th and voted to adopt new regulations for data broker registration requirements. Under current requirements, data brokers are required to register with...more
On November 12, 2024, the Consumer Financial Protection Bureau (CFPB) released a report examining the carve outs and limitations contained in comprehensive state privacy laws relating to financial institutions. In an...more
Approximately one year after the Colorado Privacy Act (CPA) Rules went into effect, the Colorado Attorney General proposed draft amendments to reflect recent changes to the CPA. Recall that the CPA applies to "controllers"...more
On November 14, 2024, the California Privacy Protection Agency (“CPPA”), which is tasked with enforcing the California Consumer Privacy Act (the “CCPA”), announced it settled with two data brokers, Growbots, Inc. and UpLead...more
The California Privacy Protection Agency (CPPA) is starting formal rulemaking (again) as they move beyond the pre-rulemaking drafts that were debated for a little over a year. During their November 8, 2024, board meeting, the...more
On November 6, 2024, the Alberta government introduced Bill C-33 and Bill C-34 which aim to replace the Freedom of Information and Protection of Privacy Act with: (1) the Protection of Privacy Act; and (2) the Access to...more
The California Privacy Protection Agency (CPPA), at its board meeting on November 8, 2024, voted 4–1 to advance proposed regulations to a formal rulemaking. As currently drafted, these regulations would, among other things...more
Enforcement of data privacy laws across the US is in full force. Most recently, Marriott agreed to a $52 million settlement payment to 50 states, including $3.5 million to the State of Texas, following a data breach of 131...more
California Governor Gavin Newsom approved an amendment to the California Consumer Privacy Act (CCPA) extending privacy rights to a person’s neural data. Neural data is defined as information that is generated by measuring the...more
The Federal Trade Commission (FTC) reiterated its long-held view that hashing or pseudonymizing identifiers does not render data anonymous, in a post to its Technology Blog on July 24, 2024....more
On June 13, 2024, the Rhode Island legislature passed the Rhode Island Data Transparency and Privacy Protection Act (the “Act”), which became law in late June. The Act aims to protect the personal information of Rhode Island...more