The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
12 O’Clock High, A Podcast on Business Leadership – Leadership in Cybersecurity and Privacy with Robert Meyers
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
IBM and the Ponemon Institute have released the 2025 Cost of a Data Breach Report. The report, which has become an annual late-summer tradition, highlights the evolving risks and costs associated with data breaches. This...more
Twenty-three privacy and AI-related bills are set for appropriations committee hearings on August 29 — the deadline for bills to advance out of fiscal committees — while three other bills have passed out of committee and are...more
A new lawsuit just filed against Otter.ai underscores the legal and compliance risks companies face when using AI notetakers – and serves as a good reminder to deploy best practices to reduce your risks. The August 15 case...more
On August 11, 2025, the Office of the Privacy Commissioner of Canada ("OPC") issued two sets of guidance for processing of individual's biometric data: one for federal institutions and one for private businesses. Below we...more
Artificial intelligence is no longer a wild west frontier technology—it’s a regulated one. As AI systems become central to how companies operate, communicate, and compete, legal oversight is catching up. In 2025, AI...more
A recent high-profile breach at a women-focused dating app underscores how quickly a privacy misstep can escalate into lawsuits and reputational harm. The incident offers a cautionary tale for any company handling sensitive...more
Last week, I was half-listening to one of my favorite podcasts during a workout when something OpenAI CEO Sam Altman said immediately caught my attention. He was chatting it up with comedian Theo Von on This Past Weekend when...more
As part of our series to provide practical insights into emerging Federal Trade Commission (FTC) priority areas for consumer protection and data privacy enforcement, we are taking a deep dive into the Protecting Americans’...more
While no state has passed a new consumer data privacy law in 2025, five states passed bills amending their existing laws....more
In July 2025, the California Privacy Protection Agency (CPPA) Board unanimously approved new regulations pursuant to the California Consumer Privacy Act (CCPA) that specifically address the use of automated decisionmaking...more
- What is new: The ICO is proposing to relax its enforcement of cookie consent requirements, meaning user consent would not be required for lower-risk advertising cookies. - Why it matters: The proposals aim to address...more
Twenty-nine years after Prince warned us about the dangers of the Internet, his home state has taken action to protect consumers who use it. On July 31, 2025, Minnesota joined the roughly twenty states that have adopted...more
With the continued absence of comprehensive federal privacy legislation after nearly 20 years of debate, state attorneys general (AGs) are increasingly asserting their role as primary regulators in the data privacy space....more
If your business operates a website or provides online services that collect data about children, you should be aware of expanding legal requirements from U.S. states regulating how private companies interact with minors....more
On this episode, hosts Jack Clabby of Carlton Fields and Kayley Melton, executive director of operations at the Cognitive Security Institute, sit down with Kurt Sanger — a seasoned cyber law leader and former deputy general...more
California has approved new regulations requiring some companies to conduct annual audits of their cybersecurity programs, including the policies, procedures, and practices for protecting personal information. On July 24,...more
Key Takeaways - - The European Commission published its Code of Practice for General-Purpose AI (GPAI) Models on July 10, 2025, following three draft versions and just weeks before the first AI Act obligations take effect....more
In recent comments, Commissioner Holyoak signaled that the Federal Trade Commission will prioritize enforcement of the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA), a law that empowers the FTC to police...more
The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more
New York ‘s Child Data Protection Act, available here, took effect on June 20. This is a landmark piece of legislation designed to enhance the online privacy and safety of minors. As concerns over children’s digital...more
On July 10, 2025, the EU published its Code of Practice for General-Purpose AI Models, a comprehensive, though not exhaustive, framework designed to guide Artificial Intelligence ("AI") providers in complying with the...more
The US “comprehensive” law landscape continues to expand, with two more states—Tennessee (July 1) and Minnesota (July 31) —joining the “comprehensive” privacy law club. Five of these -Delaware, Iowa, Nebraska, New Hampshire,...more
On June 19, 2025, the UK Data (Use and Access) Act 2025 was enacted, marking the culmination of a lengthy legislative process aimed at reshaping aspects of the country’s data protection regime. First proposed in 2021 as part...more
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
Next month ushers in two new US state comprehensive consumer privacy laws in Tennessee and Minnesota, which become effective on July 1 and July 31, respectively. While these laws track the current plethora of US state...more