We get Privacy for work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
12 O’Clock High, A Podcast on Business Leadership – Leadership in Cybersecurity and Privacy with Robert Meyers
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
A new lawsuit just filed against Otter.ai underscores the legal and compliance risks companies face when using AI notetakers – and serves as a good reminder to deploy best practices to reduce your risks. The August 15 case...more
On August 11, 2025, the Office of the Privacy Commissioner of Canada ("OPC") issued two sets of guidance for processing of individual's biometric data: one for federal institutions and one for private businesses. Below we...more
- What is new: The ICO is proposing to relax its enforcement of cookie consent requirements, meaning user consent would not be required for lower-risk advertising cookies. - Why it matters: The proposals aim to address...more
If your business operates a website or provides online services that collect data about children, you should be aware of expanding legal requirements from U.S. states regulating how private companies interact with minors....more
The California Privacy Protection Agency (“CPPA”) has made it abundantly clear: privacy compliance isn’t just about publishing the right disclosures – it’s about whether your systems actually work. On May 6, the agency fined...more
Keypoint: Last week, the Virginia legislature passed a VCDPA amendment, kid’s privacy bills crossed chambers in South Carolina and Utah, and lawmakers continued to introduce new bills on various topics. Below is the seventh...more
Keypoint: Last week saw a flurry of activity across numerous states, including bills advancing in Virginia, Oklahoma, Washington, Utah, and South Carolina, while lawmakers continued to introduce bills across the country. ...more
In a major development for all businesses handling health data, New York lawmakers passed a sweeping health data privacy bill Wednesday that could have far-ranging consequences across the country. S929, also known as the New...more
On December 6, 2024, the Colorado Attorney General’s Office notified the public that it adopted the updated Colorado Privacy Act (CPA) Rules, as a follow-up to the amendments to the CPA made earlier in the year (collectively,...more
The Colorado attorney general’s office just adopted significant updates to the Colorado Privacy Act (CPA) rules, which will soon introduce new obligations related to biometric data, employee biometrics, children’s privacy,...more
Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more
In Part I, we discussed the European Commission’s (“Commission”) disapproval of Meta’s “pay or consent” subscription model. In Part II, we delve into the European Commission’s findings, prior findings by the European Data...more
On 1 July 2024, the European Commission (the ‘Commission’) announced its preliminary findings in an investigation of a leading social media platform, concluding that its ‘pay or consent’ advertising model implemented in the...more
Keypoint: The Central District of California issued several wiretapping decisions in May while two decisions on the VPPA illustrate how claims fail or succeed at the pleading stage. Welcome to the fourteenth installment in...more
The Colorado attorney general’s office sent shockwaves throughout the privacy world on September 30, 2022, when it published its proposed Colorado Privacy Act (CPA) draft rules (Draft Rules). The Draft Rules are complex and...more
On September 30, 2022, the Colorado Attorney General’s Office (the AG’s Office) released draft regulations to the Colorado Privacy Act (the CPA). Before these proposed regulations take effect, however, there will be a lengthy...more
On Friday, June 3, Representative Frank Pallone (D-NJ), Chairman of the House Energy & Commerce Committee, Representative Cathy McMorris Rodgers (R-WA), the committee’s Ranking Member, and Senator Roger Wicker (R-MS), Ranking...more
The Colorado legislature just passed the Colorado Privacy Act (CPA). Once signed by the Governor, Colorado will become just the third state – after California and Virginia – to enact broad consumer data privacy legislation....more
Virginia became the second state after California to pass a comprehensive privacy law when the governor signed the Consumer Data Protection Act, which contains many elements found in the California Consumer Privacy Act and...more
Gerade für Juristen ist Begeisterung für und ein Verständnis von Branchen, Geschäftsmodellen und Technologien – gerade vor dem Hintergrund des Datenschutzrechts und des Gewerblichen Rechtsschutzes – unerlässlich und...more
Keypoint: LGPD is a complicated regulatory regime that will required U.S. entities subject to its requirements to undertake substantial compliance efforts. As documented in Dirceu Santa Rosa’s article for the IAPP’s Privacy...more
On May 4, 2020, the European Data Protection Board adopted updated guidelines on what does and does not constitute consent under the General Data Protection Regulation (GDPR) in certain situations. Consent is one of the...more
The Florida Senate and House of Representatives are considering two bills (SB 1670 and HB 963) that, if adopted, will amend Florida law to create the state’s first comprehensive privacy law (though they do not go nearly as...more
Several weeks ago, we published a CCPA FAQS on Cookies, which provides a high-level look at how the impending CCPA may apply to website cookies. The CCPA’s definition of personal information is expansive, and in preparation...more
Foreword - European data protection laws have made significant strides in the last two decades. Privacy and data protection laws have undergone dramatic changes over the last 20 years, in a race to keep up with technology....more