We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
On May 2, 2025, the Irish Data Protection Commission (“DPC”) issued a decision, as lead supervisory authority, finding that TikTok infringed the GDPR regarding (a) its cross-border transfers of EEA User Data to China, and (b)...more
The seventh annual edition of DLA Piper’s GDPR Fines and Data Breach Survey has revealed another significant year in data privacy enforcement, with an aggregate total of EUR1.2 billion (USD1.26 billion/GBP996 million) in...more
On 17 December 2024, the European Data Protection Board (EDPB) adopted its opinion on certain data protection aspects related to the processing of personal data in the context of AI models (Opinion). The Opinion comes as a...more
ComplexDiscovery’s Editor’s Note: This recent €310 million fine imposed on LinkedIn by Ireland’s Data Protection Commission (DPC) marks a powerful moment in GDPR enforcement, underlining the regulatory rigor facing global...more
The Irish Data Protection Commission (DPC) has welcomed X’s agreement to suspend its processing of certain personal data for the purpose of training its AI chatbot tool, Grok. This comes after the DPC issued suspension...more
By now, many of us are using AI, advising others about how to use AI, and waiting for some legislative miracle to give us some guardrails for what we can or cannot be doing with AI. A lot of effort has been put into tracking...more
It shouldn’t come as a surprise that the European Data Protection Board (EDPB), through Ireland’s Data Protection Commission (DPC), issued another fine against a large US technology company. What may come as a surprise is the...more
Closing in on the fifth anniversary of the entry into force of the EU General Data Protection Regulation (GDPR), the Irish Data Protection Commission (DPC) announced on 22 May 2023 that it had fined the Irish subsidiary of...more
On May 22 the Irish Data Protection Commission (“DPC”), Ireland’s data privacy watchdog, issued its final and binding decision against Meta with respect to Facebook’s exporting of personal data from Europe to the US from July...more
On 22 May 2023, the Irish Data Protection Commission (DPC) issued Meta Platforms Ireland Limited (Meta Ireland) with a EUR 1.2 billion (approximately 1.3 billion U.S. dollar) fine for breaches of the GDPR with respect to...more
Data Protection Commission Ireland has issued a report on the responses it received to its public consultation on its guidance on children’s rights. Of particular note is the careful consideration the commission gave the...more
When GDPR became effective three years ago, companies took notice of the fines and penalties attached to violations of the stringent privacy law—4 percent of global annual sales....more
Joining Michael this week for the podcast quarterly check in with Europe is International Competition specialist Oliver Heinisch from London. Oliver shares the latest updates from the continent, including insight on Brexit,...more
Today saw a key ruling by the Irish High Court which could have wide ranging implications in relation to a range of data use, targeted advertising and data transfers between Europe and the United States. The Irish data...more
The Irish Data Protection Commission (DPC) fined Twitter 450,000 euros (about US$546,000) for failing to timely notify the Irish DPC within the required 72 hours of discovering a Q4 2018 breach involving a bug in its Android...more
Following its Guidance issued on April 6, 2020, the Irish Data Protection Commission signaled its intent to begin enforcement against companies who fail to adhere to the Commission’s guidelines on the use and management of...more
The Court of Justice of the European Union (CJEU) recently issued a decision with global implications for data transfers from the EU in a case referred to the CJEU from the Irish Data Protection Commissioner, colloquially...more
EDPB and data protection authorities’ views and statements on the “Schrems II”- decision by the CJEU - On 16 July, 2020, the European Court of Justice (“CJEU“) passed a decision invalidating the EU-US Privacy Shield and...more
As discussed in an earlier alert, the Court of Justice of the European Union in a landmark decision in the Schrems II case invalidated the EU-US Privacy Shield framework, which was widely used by thousands of US organizations...more
The table below sets out the guidance provided by data protection authorities (DPA) in response to the European Court of Justice’s landmark judgment in Case C-311/18 Data Protection Commissioner v. Facebook Ireland and...more
The Court of Justice of the European Union (“CJEU”), on July 16, 2020, invalidated the European Union-U.S. Privacy Shield Framework (“Privacy Shield”), which more than 5,300 U.S. organizations had relied on to lawfully...more
On July 16, 2020, the Court of Justice of the European Union (CJEU), the supreme court of the European Union on matters involving European Union law, issued its long anticipated decision in the “Schrems II” case ( case...more
On July 16, 2020, Europe’s highest court, the Court of Justice of the European Union, struck down the Privacy Shield, an agreement that permitted companies operating in the European Union (EU) to transfer data to the United...more
On July 16, 2020, the European Court of Justice (Court) ruled in the “Schrems II” case that the one of the most commonly used cross border data transfer mechanisms between the European Union (EU) and the United States (US),...more
In a decision issued on July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the EU-U.S. Privacy Shield Framework, one of the primary tools used by companies in the European Union (EU) to transfer...more