Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Bridging the Gap: How CivicReach is Revolutionizing Government Customer Service
The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
"Monsters Inc." y el tratamiento de los datos
The American Privacy Right Act (APRA) explained
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
Navigating State Privacy Laws
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Are You Ready to Comply With New State Data Privacy Laws?
Embracing Data Privacy to Drive Business Growth: On Record PR
Data Dividend: What is Personal Data Worth?
Readers of this blog are well aware of the proliferation of lawsuits alleging that websites which utilize Meta Pixel tracking software violate the California Invasion of Privacy Act (“CIPA”). These lawsuits typically allege...more
On July 31, two representatives from the House Committee on Financial Services requested public feedback on the current federal consumer financial data privacy law, the GLBA, and potential legislative proposals to address...more
The annual review and update (if necessary) of privacy notices just got an upgrade to a “must do.” This provision, found in California Consumer Privacy Act from the beginning, requires companies to assess their data...more
July 1 marked the official enforcement date of the Tennessee Information Protection Act (TIPA), the state’s comprehensive consumer privacy law. Signed into law in 2023, TIPA grants consumers specific rights concerning their...more
What started as a flurry when California included protections for data about known teens in its 2018 privacy law soon became a blizzard. State after state passed new protections for teens into their own privacy laws, with...more
On July 29, 2025, the Colorado Department of Law (Department) published a draft of its latest proposed Colorado Privacy Act (CPA) regulations, focused on children’s privacy. The Department is seeking comment on the proposed...more
The comprehensive consumer privacy laws of Minnesota and Tennessee have recently taken effect, with the Minnesota Consumer Data Privacy Act (MCDPA) operative as of July 31, 2025, and the Tennessee Information Protection Act...more
Starting today, July 31, 2025, the Minnesota Consumer Data Privacy Act (“MCDPA”) officially takes effect. Signed by Governor Tim Walz in May 2024, this act majorly affects how the personal data of Minnesota residents is...more
With the continued absence of comprehensive federal privacy legislation after nearly 20 years of debate, state attorneys general (AGs) are increasingly asserting their role as primary regulators in the data privacy space....more
The Minnesota Consumer Data Privacy Act takes effect July 31, 2025. The Minnesota measure has a few unique requirements among state comprehensive privacy law. Here are a few that deserve a second look...more
As the 2025 summer heat continues and as state privacy laws continue to mature, enforcement actions are beginning to shape the compliance landscape for businesses nationwide—from the coast of California to the shores of...more
Connecticut has revised its privacy law for the third time since it was passed in 2022. With SB 1295, the state has mirrored others (like Colorado and Montana) in making ongoing changes to its law. Many of the changes...more
A trio of federal court decisions has emboldened the plaintiffs' bar with a new potential tool to wield in the ongoing wave of litigation targeting businesses for their use of routine website technologies: the California...more
Before assuming his new role as Executive Director for the California Privacy Protection Agency (CPPA), Tom Kemp served as a volunteer policy advisor on the Delete Act in 2023 and California’s 2020 ballot initiative, which...more
The California Privacy Protection Agency (“CPPA”) Board will meet on Thursday, July 24 to discuss the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automatic...more
Thora Johnson and Alexandra Wood discuss: Key federal regulation including HIPAA The patchwork at the state level, including a growing number of state consumer health privacy laws...more
Connecticut Attorney General William Tong recently announced the state’s first-ever enforcement settlement under the Connecticut Data Privacy Act (CTDPA) with TicketNetwork, Inc., an online ticket marketplace. The settlement...more
As federal privacy enforcement shows signs of slowing, states are aggressively stepping in to fill the void. On July 1, 2025, the California attorney general (AG) announced a $1.55 million settlement with Healthline Media,...more
The court-appointed Consumer Privacy Ombudsman (CPO) in the 23andMe bankruptcy last month released a 200-plus-page report assessing the privacy implications of the proposed sale of 23andMe’s assets as part of its Chapter 11...more
Welcome to the Summer of Privacy! As we hit the middle of 2025, California is once again the focus of our attention, as both its legislators and regulators are attempting to square privacy protections with developing...more
In its first fine for violations of the Connecticut Data Privacy Act (“CDPA”), the state's omnibus data privacy law, the Connecticut Attorney General (“CT AG”) chose to make an example of deficient privacy notices....more
On July 8, Connecticut Attorney General William Tong announced a settlement with TicketNetwork, Inc. for alleged violations of the Connecticut Data Privacy Act (CTDPA). The settlement is the first publicly announced...more
Connecticut continues to refine its data privacy act as it implements its first violation settlement. TicketNetwork, Inc., reached a settlement of $85,000 for deficiencies in its privacy notice to consumers. Despite receiving...more
New York ‘s Child Data Protection Act, available here, took effect on June 20. This is a landmark piece of legislation designed to enhance the online privacy and safety of minors. As concerns over children’s digital...more
Connecticut Attorney General William Tong recently announced his office’s first enforcement action for violations of the Connecticut Data Privacy Act. “This law has now been in effect for two years,” Tong said in a...more