No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
Lawyers Beware: There Could Be Serious Ethics Issues With The New AI Browsers
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Hospice Insights Podcast - AI in Action: Exploring How AI Is Helping Hospices Do Things in New Ways
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
On July 24, 2025, the California Privacy Protection Agency (“CPPA”) Board voted to adopt draft regulations under the California Consumer Privacy Act (“CCPA”) concerning cybersecurity audits, risk assessments, automated...more
A trio of federal court decisions has emboldened the plaintiffs' bar with a new potential tool to wield in the ongoing wave of litigation targeting businesses for their use of routine website technologies: the California...more
Before assuming his new role as Executive Director for the California Privacy Protection Agency (CPPA), Tom Kemp served as a volunteer policy advisor on the Delete Act in 2023 and California’s 2020 ballot initiative, which...more
As federal privacy enforcement shows signs of slowing, states are aggressively stepping in to fill the void. On July 1, 2025, the California attorney general (AG) announced a $1.55 million settlement with Healthline Media,...more
On July 1, 2025, the California Attorney General’s Office (AG) announced a proposed $1.55 million settlement with Healthline Media, operator of the popular website Healthline.com. The AG alleges Healthline violated numerous...more
Readers of this blog may recall a piece in which we discussed an unfavorable Ninth Circuit California Invasion of Privacy Act (“CIPA”) internet wiretapping decision. Interestingly, the Ninth Circuit recently weighed in again...more
An increasingly aggressive plaintiffs’ bar has brought purported class action suits based on the nearly ubiquitous use of tracking technologies used for website analytics. Although any actual harm to the plaintiffs is...more
State attorneys general and regulatory agencies continue to enforce against violations of comprehensive state privacy laws, as demonstrated by recent enforcement actions by the California and Connecticut Attorneys General and...more
The California Attorney General (AG) has announced a landmark $1.55 million settlement with Healthline Media LLC (Healthline), which operates a health information website. The settlement marks the largest fine to date in an...more
The California attorney general’s (AG) July 1, 2025, proposed settlement with Healthline Media LLC (Healthline) marks the third cookie-related California Consumer Privacy Act (CCPA) settlement in as many months (alongside the...more
Data privacy regulations aren’t known for being light reading. That doesn’t make it easy for businesses to become compliant. When one law refers to data subjects, another to residents, another to consumers, and another...more
On July 1, the California Attorney General (CA AG) announced a $1.55 million settlement – the largest penalty issued under the California Consumer Privacy Act (CCPA) to date – with Healthline, an online health and wellness...more
In May, Montana enacted Senate Bill 297, which amends the Montana Consumer Data Privacy Act (MCDPA) to eliminate the broad exemption for financial institutions subject to the Gramm-Leach-Bliley Act (GLBA). Connecticut...more
New Jersey recently released draft privacy regulations, and there is a lot to unpack and process. In this three-part series, I will break down the regulations - Part 1: The New Personal data: • Scraping is carved...more
As privacy enforcement ramps up, effectively managing opt-out requirements under state privacy laws is a top risk mitigation measure. But complying with opt-outs is not just a matter of providing a consumer-facing opt-out...more
On June 3, 2025, the California Senate unanimously passed Senate Bill 690 (SB 690), a bill that seeks to add a “commercial business purposes” exception to the California Invasion of Privacy Act (CIPA)....more
California is a bellwether for privacy laws, which is why we’ve been watching carefully as recent events suggest that business-friendly interests may be gaining a foothold in what has historically been one of the most...more
To help our clients and readers sort through the volume of privacy, cyber, and AI news, we are switching Privacy, Cyber, & AI Decoded to a summary format. In this first edition, we look at a proposed 10-year moratorium on...more
On April 16, 2025, a coalition of state attorneys general and privacy regulators from California, Colorado, Connecticut, Delaware, Indiana, New Jersey, Oregon, and the California Privacy Protection Agency (CPPA) announced the...more
Regulations matter, but until they’re enforced, they’re all just so many words (so, so many words) on paper. Businesses know that what really counts is whether, how, where, and when regulators enforce the law....more
California Senate Bill 690 (SB 690), introduced by Senator Anna Caballero, is continuing to proceed through the California state legislative process. The proposed bill would amend the California Invasion of Privacy Act (CIPA)...more
Keypoint: Last week, Oregon’s legislature passed a bill to amend the state’s consumer data privacy law, the Connecticut Senate passed two bills, and there were developments with bills in New Jersey, Nebraska, Texas,...more
On May 1, the California Privacy Protection Agency ("CPPA") board (the "Board") met to discuss revisions to proposed regulations relating to cybersecurity audits, risk assessments, and automated decision-making technologies...more
On April 23 and 24, 2025, regulators, industry leaders and data privacy leaders from across the globe convened in Washington, D.C. for the 2025 International Association of Privacy Professionals (IAPP) Global Privacy Summit....more
In Shah v. Capital One Financial Corporation, the Northern District of California handed down a ruling that may shape the trajectory of litigation involving tracking technologies, online privacy policies, and California’s...more