No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
Lawyers Beware: There Could Be Serious Ethics Issues With The New AI Browsers
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Hospice Insights Podcast - AI in Action: Exploring How AI Is Helping Hospices Do Things in New Ways
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
On February 27, the California Privacy Protection Agency (CPPA) announced it reached a settlement with a data broker company that failed to register and pay an annual registration fee as required under the Delete Act. The...more
The old saying goes, “Don’t mess with Texas.” The same can be said of the Texas Privacy Act. The Texas Department of Information Resources recently issued an implementation status for the act....more
Earlier this month, after the conclusion of the public comment period, the Colorado Department of Law adopted amendments to the Colorado Privacy Act (CPA), which grants rights to Colorado consumers concerning their personal...more
Under many circumstances, state privacy laws require businesses to pass a consumer’s valid deletion request to any entity that processes the data on behalf of the business or otherwise is a recipient of the data. These...more
On October 30, the California Privacy Protection Agency (CPPA) announced an investigative sweep to ensure data brokers comply with the Delete Act. Effective January 1, the Delete Act requires parties to register by January 31...more
The U.S. is taking another swing at a federal data privacy law with the American Privacy Rights Act, or APRA. While there’s no guarantee that the APRA will become the law of the land, it’s still worthwhile to study in order...more
On April 2, the California Privacy Protection Agency (CPPA or “the Agency”) issued the Agency’s first-ever enforcement advisory. The advisory (“Applying Data Minimization to Consumer Requests”) reaffirms data minimization as...more
Over the weekend, lawmakers unveiled the latest push for a federal privacy law – the American Privacy Rights Act (APRA). The bill was circulated as a discussion draft by Sen. Maria Cantwell (D-WA), Chair of the Senate...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice....more
California continues to be at vanguard of data privacy rights. The latest effort by California legislators to protect consumer privacy rights focuses on data brokers, who under the proposed California Senate Bill 362, aka...more
Under the California Consumer Privacy Act (CCPA), California consumers may exercise certain rights in relation to their personal information – and businesses have strict deadlines to respond to such consumer requests. These...more
On Thursday, May 11, Gov. Bill Lee (R) signed into law the Tennessee Information Protection Act. The new TIPA follows the recent enactment of data privacy laws in Iowa and Indiana. The other states with data privacy laws are...more
On the heels of the unanimous passage of Iowa’s Act Relating to Consumer Data Protection on March 28, Indiana’s Consumer Data Protection Act was passed by the state legislature on April 13 and has been signed into law by Gov....more
Iowa will soon be the sixth state in the nation with a comprehensive consumer privacy law – but the good news for employers is that it does not apply to data collected in the employment context and does not include a private...more
Shortly before Privacy Day, California Attorney General (Cal AG) Rob Bonta announced a California Consumer Privacy Act (CCPA) enforcement sweep that targeted mobile applications....more
Most privacy laws derive from the same core foundational principles, namely the Fair Information Practice Principles (FIPPs). This includes the California Consumer Privacy Act of 2018 (CCPA), California Privacy Rights Act of...more
The Utah Consumer Privacy Act (“UCPA”) passed by the Utah legislature was signed into law by Governor Spencer Cox on March 24, 2022 and becomes effective December 31, 2023. While companies conducting business in Utah will...more
On March 3, 2022, the Utah House of Representatives passed a consumer privacy bill: the Utah Consumer Privacy Act. The bill had already passed the Utah Senate in February, and at the time of this writing, awaits a signature...more
This is the first in a series of articles about the implications of the California Privacy Rights Act for employers. - The California Privacy Rights Act (“CPRA”) expands employers’ obligations with respect to the privacy...more
Our Privacy, Cyber & Data Strategy Team highlights some of the similarities and differences between Colorado’s new consumer privacy law and its older siblings in California and Virginia....more
Colorado became the third state to enact comprehensive data privacy legislation when Gov. Jared Polis signed the Colorado Privacy Act (CPA) on July 8, 2021. The CPA shares similarities with its stateside predecessors, the...more
Keypoint: As introduced, the Ohio Personal Privacy Act would provide Ohio residents with some rights regarding their personal data, but it is not as extensive as the CPRA, CPA, and VCDPA...more
On March 2, 2021, Virginia Governor Ralph Northam signed into law the Virginia Consumer Data Protection Act (VCDPA), making Virginia the second state, after California, to enact general data privacy legislation. The VCDPA...more
Here we go again! On March 15th, 2021, the California Department of Justice (“Department”) announced approval of modifications to the California Consumer Privacy Act’s (CCPA) regulations, originally introduced in December of...more
On November 3, 2020, Californians approved another significant piece of privacy rights legislation, the California Privacy Rights Act, or the CPRA. The CPRA amends and expands the already (almost) infamous CCPA (California...more