AI in eDiscovery Today: An Open Conversation
Tenant Tales and Reseller Realities: Inside the FCRA Arena With Eric Ellman — FCRA Focus Podcast
Early Returns Podcast - Oliver Roberts: AI and the Law, and an Education
Driven by Data: Auto Finance Trends Uncovered - Moving the Metal: The Auto Finance Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Early Days of the Trump Administration: Impact on the CFPB — The Consumer Finance Podcast
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Innovation in Second Requests: Data is Your Greatest Asset
Podcast: How Delaying Third Party Discovery Can End Up Costing You Dearly
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
The Presumption of Innocence Podcast: Episode 48 - Digital Boundaries: Fourth Amendment Protections in a Connected World
eDiscovery Needs Digital Forensics for a Mobile World
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
It's Time to Think About Data Mapping Differently
EEO-1 Filing After June 4: What to Do Now, and How to Prepare for Next Year - Employment Law This Week®
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
An Ounce of Prevention: Keys to Understanding and Preventing AI and Cybersecurity Risks
Utah AG Derek Brown and the Utah Division of Consumer Protection jointly sued Snap, Inc., the parent company of Snapchat, facilitating child sexual exploitation and sextortion through its design features and recommendation...more
The California attorney general’s (AG) July 1, 2025, proposed settlement with Healthline Media LLC (Healthline) marks the third cookie-related California Consumer Privacy Act (CCPA) settlement in as many months (alongside the...more
New York’s Child Data Protection Act (NYCDPA) has gone into effect, introducing sweeping new requirements for businesses that collect personal data from minors under 18. While New York has not yet joined the ranks of the...more
Nebraska AG Mike Hilgers sued PDD Holdings Inc. and WhaleCo Inc., d/b/a Temu, alleging that Temu’s shopping app operates as malware designed to gain unauthorized access to users’ data in violation of state consumer protection...more
Five new state privacy laws took effect in January 2025—Delaware (DPDPA), Iowa (ICDPA), Nebraska (NDPA), New Hampshire (NHPA), and New Jersey (NJDPA)—adding to the compliance maze for businesses operating across state lines....more
A bipartisan coalition of 28 AGs have filed a lawsuit against 23andMe Holding Co. and 23andMe, Inc. (collectively “23andMe”) to protect human genetic data collected by the company from being sold without consumers’ consent as...more
The attorneys general in Arkansas and Indiana are the most recent AGs to file lawsuits under their respective state laws protecting the privacy of driver data. We previously reported that the state of Texas filed a similar...more
A pair of recent enforcement actions by the California Privacy Protection Agency (CPPA) unveiled the agency’s latest enforcement priorities for business-to-consumer companies. In March 2025, the CPPA announced a settlement...more
Readers may recall prior pieces in which we discussed a pair of law firms responsible for bringing California Invasion of Privacy Act (“CIPA”) arbitration demands against online businesses. These CIPA arbitration demands...more
Regulations matter, but until they’re enforced, they’re all just so many words (so, so many words) on paper. Businesses know that what really counts is whether, how, where, and when regulators enforce the law....more
On March 10, 2025, California Attorney General Rob Bonta announced an investigative sweep targeting the location data industry, emphasizing compliance with the California Consumer Privacy Act (CCPA). This announcement follows...more
On May 8, the California Privacy Protection Agency (CPPA) ordered a Florida-based data broker to pay a $46,000 fine for failing to register and pay an annual fee as required by the Delete Act. The CPPA noted that the...more
In a significant enforcement move, California’s consumer privacy regulator just ordered a national clothing retailer to pay a $345,178 fine to resolve alleged violations of the state’s privacy law. The California Privacy...more
On May 9, 2025, the Texas Attorney General Ken Paxton announced a $1.375 billion settlement with Google—by far the largest state-level privacy settlement reached against Google to date. The settlement resolves lawsuits filed...more
The California Privacy Protection Agency (CPPA) recently fined clothing retailer Todd Snyder almost $350,000 for two types of consumer privacy errors. Due to technical errors during a 40-day period, it was impossible for Todd...more
On May 6, the California Privacy Protection Agency (CPPA) announced a settlement with Todd Snyder, Inc. over allegations that the men’s retail brand violated CCPA rules on submission and fulfillment of privacy rights...more
State enforcement agencies are keeping the pressure on businesses, with two new enforcement actions announced this week in California and Texas. This activity signals to companies – both within and outside of the United...more
While uncertainty continued to loom over the CFPB, the states did not take a spring break. Instead, we saw an eye-popping settlement from NY DFS involving BSA/AML claims. And both republican and democratic AGs continued to...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
In March, 2025, the California Privacy Protection Agency announced a consent order with an auto manufacturer alleging multiple violations of the California Consumer Privacy Act and imposing a $632,500 fine for alleged failure...more
On April 16, data privacy law regulators in seven states announced the creation of the Consortium of Privacy Regulators, a bipartisan group of state regulators seeking to “share expertise and resources, as well as coordinate...more
IAPP’s Global Privacy Summit in DC this week has featured panels with several state regulators charged with enforcing their state’s privacy laws, including regulators from California, Colorado, Connecticut, and Oregon. The...more
Businesses operating across the U.S. should pay close attention to the rapidly evolving consumer privacy landscape. To date, 20 states, including Oregon, have enacted comprehensive consumer privacy laws, with 14 already in...more
Oregon Attorney General Dan Rayfield has released a report detailing implementation steps and enforcement actions taken during the first six months of the Oregon Consumer Privacy Act ("OCPA"), which entered into force in July...more
Last week, on March 24, Virginia Governor Glenn Youngkin signed SB 754, which amends the Virginia Consumer Protection Act (Act) to regulate obtaining and disclosing “reproductive or sexual health information” by any...more