Podcast: Addressing Patient Complaints About Privacy Violations
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
A new wave of state consumer privacy laws focused on limiting data collection is creating anxiety among businesses—and Maryland is leading the charge. The Maryland Online Data Privacy Act (MODPA), set to take effect in...more
On April 22, 2025, the Federal Trade Commission (FTC) published its final amendments ("the Amendments") to the Children's Online Privacy Protection Act (COPPA) Rule in the Federal Register. The Amendments expand the...more
On May 8, the California Privacy Protection Agency (CPPA) ordered a Florida-based data broker to pay a $46,000 fine for failing to register and pay an annual fee as required by the Delete Act. The CPPA noted that the...more
In a significant enforcement move, California’s consumer privacy regulator just ordered a national clothing retailer to pay a $345,178 fine to resolve alleged violations of the state’s privacy law. The California Privacy...more
As summer approaches, three new state comprehensive privacy laws are poised to take effect, raising the number of states with effective comprehensive privacy legislation in the US to sixteen (with more to come in 2026). The...more
On January 31, 2025, in Campos v. TJX Companies, Inc., No. 24-cv-11067, the District of Massachusetts granted a motion to dismiss a class action due to the plaintiff’s lack of standing. The court concluded that the named...more
On April 29, 2025, the Michigan Attorney General filed a lawsuit in the Eastern District of Michigan against Roku on multiple grounds, alleging violations of: (a) the Children’s Online Privacy Protection Act (COPPA), and (b)...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
During the recruitment process, the collection of candidates’ personal information by employers plays an important role in assessing a potential employee’s profile and skills. In Quebec, this practice is governed by various...more
On April 21, 2025, the Oregon Department of Justice’s Privacy Unit reported a “big spike” in complaints about the Department of Government Efficiency (DOGE) in the first quarter of 2025....more
Two recent decisions from the Northern District of California—Shah v. Capital One Financial Corp., No. 24-cv-05985-TLT, 2025 WL 714252 (N.D. Cal. Mar. 3, 2025), and M.G. v. Therapymatch, Inc., No. 23-cv-04422-AMO, 2024 WL...more
On April 22, 2025, the Federal Trade Commission (FTC) published substantial amendments to the Children’s Online Privacy Protection Rule (COPPA), which will take effect on June 23, 2025. Businesses subject to COPPA must ensure...more
On April 21, 2025, Arkansas Governor Sarah Huckabee Sanders signed into law the Arkansas Children and Teens’ Online Privacy Protection Act (Act), which will become effective on July 1, 2026. It draws inspiration from the...more
Becker’s Hospital Review reports that the Department of Government Efficiency (DOGE) “has access to sensitive information in 19 HHS databases and systems,” according to a court filing obtained by Wired. HHS provided the...more
If you are a compliance professional for a U.S.-based company, you have probably been told at some point that you have to worry about the General Data Protection Regulation (GDPR). Have you encountered one of these...more
Topics that we often discuss on this blog are the use of third-party tracking tools and the California Invasion of Privacy Act (“CIPA”). Less discussed of late, however, is the California Consumer Privacy Act (“CCPA”) which,...more
As noted in our last two client alerts, the issue as to who should be the watchdog to protect consumer personal data is coming to a head in the chapter 11 bankruptcy cases of 23andMe Holding Co and its affiliated debtors...more
23andMe, a pioneer in the DNA testing kit industry, announced that it has filed for Chapter 11 bankruptcy protection and recently asked to select an independent customer data representative regarding any sale of user data....more
Yahoo’s ConnectID is a cookieless identity solution that allows advertisers and publishers to personalize, measure, and perform ad campaigns by leveraging first-party data and 1-to-1 consumer relationships. ConnectID uses...more
On March 27, 2025, a class action lawsuit was filed against the education technology (EdTech) company Instructure, the parent company of Canvas, a popular learning management system. The complaint alleges that Instructure...more
In the ongoing saga of the 23andMe bankruptcy, Federal Trade Commission Chairman Andrew N. Ferguson recently sent a letter to the Trustee overseeing the 23andMe bankruptcy proceeding stating, “As Chairman of the Federal Trade...more
1. Know What Laws Apply to your Organization It’s not surprising many leaders are unsure about which new laws or regulations apply to their organization. Privacy and security laws, particularly in the U.S., have changed...more
Late in February, the California Privacy Protection Agency (CPPA) ordered the shutdown of Background Alert under the state’s Data Broker Registration Law. Background Alert aggregated public records to create detailed profiles...more
With attention on Democratic Attorneys General vowing to fill the void left by weakened federal regulators, and perhaps a more partisan divide on enforcement generally, a bipartisan consensus is quietly emerging in the states...more
Introducing the inaugural installment of my “One Big Thought” series - a weekly exploration into ideas that matter. In this first series of posts, I delve into "Charting a Human-Centered Future in the Age of Artificial...more