Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
An increasingly aggressive plaintiffs’ bar has brought purported class action suits based on the nearly ubiquitous use of tracking technologies used for website analytics. Although any actual harm to the plaintiffs is...more
On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch)....more
Digital health care companies have navigated a wave of new developments at the Federal Trade Commission (FTC) over the past few years. With new leadership in the Trump Administration, the FTC may be poised to change some of...more
A groundbreaking law in Utah is poised to shake up how minors access apps. Earlier this month, Utah’s state legislature passed S.B. 142 (App Store Accountability Act), which requires major app store providers to verify users’...more
On January 16, 2025, the Federal Trade Commission (FTC) issued a Final Rule updating the Children’s Online Privacy Protection (COPPA) Rule, significantly expanding compliance obligations for online services that collect, use,...more
Keypoint: Last week saw a flurry of activity across numerous states, including bills advancing in Virginia, Oklahoma, Washington, Utah, and South Carolina, while lawmakers continued to introduce bills across the country. ...more
On January 22, Nebraska state Senator Mike Jacobson (R), at the request of Governor Jim Pillen (R), introduced the Agriculture Data Privacy Act (LB525). This is a first-of-its kind privacy bill that would specifically...more
On January 13, 2025, Texas Attorney General Ken Paxton (“Texas AG”) filed the first-ever enforcement action under the Texas Data Privacy and Security Act (“TDPSA”) against insurance company Allstate and its subsidiary, Arity...more
The Texas Attorney General has emerged as a significant regulatory enforcement authority for data privacy in the US. Traditionally, data privacy enforcement in the US has emanated from the Federal Trade Commission and other...more
Ask a compliance officer to name their top worry about artificial intelligence, and odds are they will blurt out something to do with privacy. That doesn’t just tell us what the risks of AI are – it also gives us hints about...more
On January 13, 2025, California Attorney General (“AG”) Rob Bonda issued an advisory describing providers’ and businesses’ obligations related to the development, sale, and use of artificial intelligence (“AI”) and automated...more
App permissions do not satisfy the requirements for valid consent for the purpose of GDPR because they lack sufficient detail and granularity, according to the Commission Nationale de l’Informatique et des Libertés (CNIL)....more
The Federal Trade Commission (“FTC”) finalized changes to the Children’s Online Privacy Protection Act (“COPPA”) Rule today, making the first updates to the Rule since 2013. In January 2024, the FTC proposed changes to the...more
On December 6, 2024, the Colorado Attorney General’s Office notified the public that it adopted the updated Colorado Privacy Act (CPA) Rules, as a follow-up to the amendments to the CPA made earlier in the year (collectively,...more
The Colorado AG’s office adopted draft amendments to the Colorado Privacy Act rules last month. The adopted draft reflected input from the public to AG’s September 2024 version and addresses three key issues. First, on...more
On May 31, 2024, Colorado enacted H.B. 24-1130, an amendment to the Colorado Privacy Act (CPA) regarding the use of biometric information (the “Biometric Amendment”). The Biometric Amendment, effective July 1, 2025, requires...more
Introduction - As a federal state with law-making powers shared between federal and provincial/territorial governments, Canada has both federal and provincial/territorial privacy laws that govern the private and public...more
Introduction - The Brazilian General Data Protection Law (“LGPD”), enacted in 2018 and enforced since 2020, serves as the cornerstone of the country's data protection framework. Its primary objective is to ensure the...more
Challenges may arise when conducting an internal investigation related to an underlying disclosure by a whistleblower pursuant to the EU Directive, because companies must strictly comply with the GDPR. Failure to comply with...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
The Texas Data Privacy and Security Act (TDPSA) became law on June 16, 2023. Texas becomes the 11th state to enact a comprehensive consumer data privacy law, joining California, Virginia, Colorado, Connecticut, Utah, Iowa,...more
In late April, Washington's governor signed the My Health My Data Act, or MHMD, into law. The law, which goes into effect next year, aims to regulate the vast amount of health-related data processing that takes place...more
On 8 March 2023, the newly-created Department for Science, Innovation and Technology (“DSIT”) introduced the UK government’s updated proposals for data protection reform in the shape of the Data Protection and Digital...more
...This session, led by industry-acknowledged experts in areas ranging from data protection and privacy to data transfer and legal discovery, provided a professional forum for the explanation of the best approaches,...more
INTRODUCTION - The United Arab Emirates (UAE) has published its first Federal Data Protection Law No. 45 of 2021 (Law), which came into effect on 2 January 2022. This alert provides an overview of the Law which will be...more