Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
Cloud-based HR systems have become standard for multinational businesses, driving efficiency but also increasing compliance and privacy risks. Indeed, a recent Workday case, which originated in Germany, has clarified the...more
Connecticut has made changes to its privacy law, including lower thresholds, exemptions updates, new categories of sensitive data, expanded consumer rights, and more....more
The Measures outline requirements and procedures for self-initiated and regulator-mandated compliance audits from May 1, 2025....more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
To round out this year’s series on new state consumer privacy laws, we are covering the statute passed by Kentucky earlier this year. Please also keep your eye out for our 2024 round-up article that will be published soon, as...more
On 14 November, and after many years of negotiations, Chile adopted a new Data Protection Act (la Ley que regula la protección y el tratamiento de los datos personales y crea la Agencia de protección de datos personales)....more
Four years after the Brazilian General Data Protection Law (LGPD) came into force, Brazil’s Superior Court of Justice (STJ) recently issued a list of precedents exploring how the court applied the law and addressed the...more
Companies doing business in Mexico should review relevant policies and practices to ensure they align with the country’s comprehensive data privacy framework. Specifically, you’ll want to assess your privacy notices, data...more
Rhode Island is the latest state to enact consumer privacy legislation. The Rhode Island Transparency and Privacy Protection Act (the "Act"), which passed into law on June 28, 2024, establishes a framework for controlling and...more
On April 4, 2024, Kentucky became the fifteenth state to enact a comprehensive data privacy law, with Governor Andy Beshear signing the Kentucky Consumer Data Protection Act (KCDPA) into law. The Kentucky law will go into...more
On January 16, 2024, Governor Philip D. Murphy signed into law the New Jersey Data Privacy Act (the “Privacy Act”), which goes into effect on January 15, 2025....more
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill No. 332, “An Act concerning online services, consumers, and personal data” (“SB 332”). New Jersey is the fourteenth state to pass a...more
Given the increasing number of data privacy laws in the U.S., entering into appropriate data processing agreements (“DPAs”) with vendors has now become a critical component of vendor management. It can also be one of the most...more
China's Cybersecurity Law ("CSL"), Personal Information Protection Law ("PIPL") and Data Security Law ("DSL") set a series of rules and requirements for the cross-border transfer of personal information located in China....more
In our June Privacy & Cybersecurity Update, we review new data privacy laws in Colorado, Connecticut, Florida and Montana; Verizon’s annual Data Breach Investigations Report; AM Best’s report on cyber insurance trends; and...more
2023 continues to be a busy year for state comprehensive privacy legislation. Since our last post, several new states have entered the fray with legislative proposals, while some of the bills we previously examined have moved...more
Artificial intelligence (AI) is expanding into more industries (often in surprising ways) and has inevitably caught the attention of federal and state regulators. Our Privacy, Cyber & Data Strategy Team summarizes the...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
In this month’s Privacy & Cybersecurity Update, we review Connecticut’s passage of a comprehensive privacy law (making it the fifth state to do so), the newly enacted federal Better Cybercrime Metrics Act, New York’s new law...more
On 14 March 2022 the Data Protection Commission of Ireland (DPC) handed down a decision in respect of 22 personal data breach notifications made by the Bank of Ireland Group Plc (BOI) between November 2018 and June 2019. The...more
Governor Spencer Cox of Utah has now signed into law the Utah Consumer Privacy Act (“UCPA”), which was recently passed unanimously by the Utah legislature, and which will go into effect on December 31, 2023. Utah joins...more
On 13 October 2021, almost two years after the adoption of a bill on data protection, Rwanda's first data protection legislation, Law No. 058/2021 Relating to the Protection of Personal Data and Privacy ("Data Protection Law"...more
The PIPL imposes extensive obligations on organizations and individuals engaged in "handling" of personal information, which is defined to include "collection, storage, use, processing, transmission, provision, disclosure,...more
Only two months after the release of the second draft of the Data Security Law of the People’s Republic of China (the Second Draft), on June 10, 2021, the Standing Committee of the National People's Congress passed the new...more
On 20 August 2021, China’s National People’s Congress passed the Personal Information Protection Law (PIPL). The PIPL has a rapid timeframe for implementation, taking effect on 1 November 2021. The brief transition period...more