No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
Lawyers Beware: There Could Be Serious Ethics Issues With The New AI Browsers
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Hospice Insights Podcast - AI in Action: Exploring How AI Is Helping Hospices Do Things in New Ways
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
California has approved new regulations requiring some companies to conduct annual audits of their cybersecurity programs, including the policies, procedures, and practices for protecting personal information. On July 24,...more
On July 24, 2025, the California Privacy Protection Agency (“CPPA”) unanimously voted to adopt a package of Proposed Regulations for the California Consumer Privacy Act (“CCPA”), marking a significant development in...more
Last week, on July 14, 2025, a New York federal court issued a general stay of enforcement of the NY Algorithmic Pricing Disclosure Act, which went into effect just days earlier, on July 8, 2025. As a result, businesses...more
The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more
Connecticut Attorney General William Tong recently announced the state’s first-ever enforcement settlement under the Connecticut Data Privacy Act (CTDPA) with TicketNetwork, Inc., an online ticket marketplace. The settlement...more
California has long been a frontrunner when it comes to consumer protection and privacy laws, and 2025 is shaping up to be no exception. State lawmakers and regulators are advancing a wave of new bills and regulations across...more
On July 8, Connecticut Attorney General William Tong announced a settlement with TicketNetwork, Inc. for alleged violations of the Connecticut Data Privacy Act (CTDPA). The settlement is the first publicly announced...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
The U.S. Department of Justice (DOJ) is set to enforce its sweeping new rule on certain U.S. data transactions with countries of concern and covered persons as of July 9, 2025. The new rule regarding “Preventing Access to...more
The Department of Justice’s (DOJ) 90-day grace period for compliance with the Data Security Program (DSP) ends on July 8, 2025, and enforcement is expected to begin. This regulatory regime was created for national security...more
China’s primary data regulator, the Cyberspace Administration of China (CAC), released two sets of Q&As with respect to exporting data from China, one in April and one in May. The questions were selected from those raised...more
For businesses subject to the California Consumer Privacy Act (CCPA), a compliance step often overlooked is the requirement to annually update the businesses online privacy policy. Under Cal. Civ. Code § 1798.130(a)(5),...more
Texas has become the second state, after Colorado, to enact omnibus legislation regulating artificial intelligence (AI) systems. On June 22, 2025, Texas Gov. Greg Abbott signed into law the Texas Responsible Artificial...more
On June 22, 2025, Texas Governor Greg Abbott signed the Texas Responsible Artificial Intelligence Governance Act (TRAIGA or the Texas AI Act) into law. The new law goes into effect January 1, 2026. The law places obligations...more
On June 2, the New Jersey Division of Consumer Affairs (Division) published proposed regulations to implement the New Jersey Data Privacy Act (NJDPA). Of note, these rules were proposed months after the NJDPA went into effect...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
A new wave of state consumer privacy laws focused on limiting data collection is creating anxiety among businesses—and Maryland is leading the charge. The Maryland Online Data Privacy Act (MODPA), set to take effect in...more
Artificial intelligence (AI) is rapidly changing the hiring landscape. Whether scanning resumes with machine learning tools or ranking candidates based on predictive models, employers in Canada may now want to ensure...more
The European Union Artificial Intelligence Act (EU AI Act) is rapidly reshaping the regulatory landscape for AI development and deployment, both within Europe and globally. In a recent Cooley webinar, partner Patrick Van...more
After a relatively slow start to 2025, the California Privacy Protection Agency (CPPA) is firing on all cylinders now. In recent weeks, the CPPA (i) revised the proposed Delete Request and Opt-out Platform (DROP) regulations...more
On April 23 and 24, 2025, regulators, industry leaders and data privacy leaders from across the globe convened in Washington, D.C. for the 2025 International Association of Privacy Professionals (IAPP) Global Privacy Summit....more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
On April 22, 2025, the Federal Trade Commission (FTC) published the finalized amendments (Amendments) to the Children’s Online Privacy Protection Rule (COPPA Rule) that would impose additional restrictions on website and...more
As companies increasingly leverage automated technologies in their recruiting and hiring processes, legislators and regulators are increasingly focused on establishing guardrails to ensure fairness. As a result, companies...more
While March featured a flurry of newly introduced comprehensive privacy bills, state legislatures now appear to be primarily focused on pushing existing proposals through the chambers. ...more