We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
On March 14, the California Privacy Protection Agency (CPPA) Board announced it appointed Tom Kemp as the CPPA’s executive director, effective April 1. Kemp enters the CPPA with experience as a policy advisor, cybersecurity...more
As we progress deeper into the 2025 legislative season, comprehensive privacy law proposals continue to progress through the legislative process. In the weeks since our last update, Kentucky amended its comprehensive data...more
On March 12, 2025, the California Consumer Privacy Protection Agency (CPPA or Agency) announced a settlement with an auto manufacturer, marking the Agency’s first enforcement action under the California Consumer Privacy Act...more
In November 2024, the German Federal Court of Justice made its first decision within the new leading decision procedure, which is intended to simplify mass proceedings. Another new procedural tool is the redress action. In...more
On February 10, 2025, a class action lawsuit was filed against an online retailer under the Washington My Health My Data (MHMD) Act’s private right of action. The complaint also alleges violations of federal wiretapping and...more
Keypoint: It was a very active week with movement on numerous bills, in particular in Virginia, as well as new bills introduced across the country. Below is the fifth weekly update on the status of proposed state privacy...more
It is hard to believe that we are starting the 25th year of the 21st century. The rapid evolution that technology, privacy and data security have undergone these last 25 years is mindbending. Yet, as we enter 2025, it still...more
A new decision by the United Kingdom’s high court says that even if you have cookie and marketing consent mechanisms that are sufficient for valid consent under privacy laws for the general public, they may not be enough for...more
In the two weeks before Inauguration, both the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC) released a flurry of rulemaking developments, policy announcements, and enforcement filings and...more
Missouri AG Andrew Bailey is issuing a regulation requiring social media companies to offer algorithmic choice for users in the state. Under the rule, it will be an unfair, deceptive, or fraudulent practice under the Missouri...more
Tracking U.S. state consumer data privacy legislation. Our map tracks privacy legislation and provides links to resources and information related to active states. To review prior years' state privacy legislation, visit...more
Character Technologies, Inc. faces allegations in a Texas lawsuit that its chatbot, Character.AI, encouraged self-harm, violent behavior, and provided sexually inappropriate sexual content to minors. The civil lawsuit...more
The California Attorney General published two legal advisories this week: Legal Advisory on the Application of Existing California Laws to Artificial Intelligence. Legal Advisory on the Application of Existing California Law...more
If you are looking for a high-level summary of California laws regulating artificial intelligence (AI), check out the two legal advisories issued by California Attorney General Rob Bonta. The first advisory is directed at...more
In a continuation of the trend of artificial intelligence becoming a regulatory focal point, California AG Rob Bonta issued legal advisories on the application of California law to AI, while New Jersey AG Matthew Platkin...more
The Oregon Department of Justice (DOJ) recently issued significant guidance detailing how the state's existing legal framework will regulate artificial intelligence, eschewing the need for immediate AI-specific legislation....more
The NJ Data Privacy Act takes effect tomorrow. The New Jersey Data Privacy Act is set to take effect tomorrow, January 15. The NJDPA was signed into law by Gov. Phil Murphy (D) on January 16, 2024. The NJDPA is similar to...more
We are back for our sixth year of tracking proposed state privacy legislation and fifth year of providing weekly updates. As in past years, we will track proposed state privacy legislation through these weekly updates and our...more
Christmas came early when on December 24, the Oregon Office of the Attorney General (OAG) delivered AI guidance wrapped in a bow. Titled “What you should know about how Oregon’s laws may affect your company’s use of...more
What You Need To Know: •The Texas Data Privacy and Security Act has broader jurisdiction than any other state data protection law and will regulate the data processing activities of thousands of companies for the first...more
On May 9, 2024, Maryland Governor Wes Moore signed into law Senate Bill 541 (the "Maryland Online Data Privacy Act") making Maryland the eighteenth state to adopt comprehensive data privacy legislation in the United States...more
On June 18, Texas became the eleventh state to enact a comprehensive consumer privacy law by passing the Texas Data Privacy and Security Act (TDPSA) (HB 4). The TDPSA will take effect on July 1, 2024, which is the same day as...more
Privacy risks of using big data in the fight against COVID-19 are significant, and have caught the attention of Republicans and Democrats alike. Earlier this month we reported on a bill introduced on May 7 by Republican...more
Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the...more
Last week, the European Parliament approved a resolution calling on the EU Commission (Commission) to protect individuals’ rights in the context of artificial intelligence (AI) and automated decision-making (ADM). The...more