Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Bridging the Gap: How CivicReach is Revolutionizing Government Customer Service
The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
"Monsters Inc." y el tratamiento de los datos
The American Privacy Right Act (APRA) explained
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
Navigating State Privacy Laws
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Are You Ready to Comply With New State Data Privacy Laws?
Embracing Data Privacy to Drive Business Growth: On Record PR
Data Dividend: What is Personal Data Worth?
Privacy pros are passionate about doing good work, in every sense of the word. Yes, we care about managing privacy as thoroughly and efficiently as possible (and not getting fined). But we are all in this line of work for a...more
Last week, two separate class actions were filed in the federal district court for the Southern District of Texas against DISA Global Solutions (DISA), a third-party employment screening services provider, related to an April...more
In the waning days of the Biden administration, the FTC published an update to its COPPA Privacy Rule. The status of this update, however, is unclear. The revisions to the rule were posted on the FTC website prior to the...more
The Department of Government Efficiency’s (DOGE) staggering unfettered access to all Americans’ personal information is highly concerning. DOGE employees’ access includes databases at the Office of Personnel Management, the...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
It’s no longer good enough for your business to have a reactive approach to consumer privacy – you need a proactive strategy to manage compliance, foster consumer trust, and stay competitive in this modern era. While many...more
The California Consumer Privacy Act of 2018 (as amended, including by the California Privacy Rights Act, the CCPA) was drafted by a privacy rights activist, initially passed and later amended multiple times by the California...more
Actions in the last six months of the Brazilian National Data Protection Authority (“ANPD”) suggest that it intends to aggressively enforce the Brazilian Data Protection Law (“LGPD”). The LGPD applies to any entity that...more
Texas will soon be the next state to have a comprehensive consumer data privacy and security law when the Texas Data Privacy and Security Act takes effect on July 1. It will require businesses to take several compliance...more
Introduction - In recent years, Ohio has made unique and nationally-mirrored efforts toward advancing a goal of protecting the personal data of its residents. In addition to joining other U.S. states in 2005 by requiring...more
Introduction - Illinois has enacted laws addressing rights and obligations related to data privacy. Companies and organizations that handle, collect, disseminate, or otherwise deal in nonpublic information have a number of...more
CYBERSECURITY - Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks - The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more
Introduction - Data protection is being driven by rapid technological advances and the increasing digitalization of society. Data protection legislation in Portugal is aligned with European Union law, in particular with...more
Introduction - The legal regime in India relating to data protection and privacy has undergone a significant re-haul and revamp. The Digital Data Protection Act, 2023 (“DPDPA”) received the President’s assent and was...more
Introduction - As a federal state with law-making powers shared between federal and provincial/territorial governments, Canada has both federal and provincial/territorial privacy laws that govern the private and public...more
Introduction - The Brazilian General Data Protection Law (“LGPD”), enacted in 2018 and enforced since 2020, serves as the cornerstone of the country's data protection framework. Its primary objective is to ensure the...more
On April 7, 2024, Representative Cathy McMorris Rogers (R-WA) and Senator Maria Cantwell (D-WA) announced that Congress will once again consider a comprehensive federal data privacy bill that, if passed, would dramatically...more
On April 7, Senate Commerce Committee Chair Maria Cantwell (D-WA) and House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA) released the text of the American Privacy Rights Act (APRA), a bipartisan and...more
On March 6, 2024, New Hampshire Governor Chris Sununu signed into law SB 255-FN, An Act Relative to the Expectation of Privacy (the “Act”), making New Hampshire the 14th state to enact a comprehensive data privacy law —...more
Friendly reminder – the Washington My Health My Data Act (“WMHMDA”) compliance deadline for regulated entities to post their consumer health data privacy policy is March 31, 2024 (June 30, 2024 for small businesses). A...more
On January 16, 2024, New Jersey became the fourteenth state to enact comprehensive privacy legislation after the passage of the New Jersey Data Privacy Act (“NJDPA”), adding to the growing national focus on consumer personal...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
On January 16, New Jersey Governor Phil Murphy signed S332 (the act), making New Jersey the first state in 2024 to enact a comprehensive privacy law. Several other states are currently considering similar comprehensive...more
January 28 is International Privacy Day, and this day is an opportunity to learn about recent developments in the legal landscape for privacy law. It is also a good opportunity to highlight how far privacy rights have come,...more
It is indeed a tangled regulatory web woven to potentially trap an organization in the wake of a data incident. Navigating this web can involve significant resources, time, and stress. As we discussed in part two of this...more