Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Our previous report on the Chapter 11 case of 23andMe discussed the Sale Order entered by the Bankruptcy Court on June 27, which approved the proposed sale of substantially all of the assets of the company. We noted that...more
When direct-to-consumer genetic testing company 23andMe Holding Co. and its affiliates (together, “23andMe”) filed for chapter 11 bankruptcy on March 24, 2025, they possessed data from over 15 million customers. Specifically,...more
Privacy pros are passionate about doing good work, in every sense of the word. Yes, we care about managing privacy as thoroughly and efficiently as possible (and not getting fined). But we are all in this line of work for a...more
On March 12, 2025, the California Privacy Protection Agency (the Agency) announced a settlement with American Honda Motor Company, Inc. (Honda) for multiple violations of the California Consumer Privacy Act (CCPA),...more
Businesses need data from consumers, and the sharing and selling of this resource has become quite common. However, you also need to be mindful of the rights of the people whose data you collect, especially their personally...more
On January 14, the FTC issued a consent order against a company and its subsidiary for allegedly engaging in unfair practices concerning the collection, use and sale of consumer location data in violation of the FTC Act. The...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
The California Privacy Protection Agency’s (CPPA) new data broker regulations took effect on December 27, 2024. They are now in effect during the CPPA’s annual data broker registration period, which lasts from January 1 to...more
2024 was a busy year for state consumer data privacy laws in the United States. Seven states enacted comprehensive data privacy statutes throughout the year, and laws enacted in 2023 went into effect in Montana, Florida,...more
First passed into law in 2018, the California Consumer Privacy Act (CCPA) received its first major update in 2020 by way of the California Privacy Rights Act (CPRA), through which the California Privacy Protection Agency...more
Earlier this month, after the conclusion of the public comment period, the Colorado Department of Law adopted amendments to the Colorado Privacy Act (CPA), which grants rights to Colorado consumers concerning their personal...more
Comprehensive consumer privacy laws are rapidly expanding across the United States, significantly impacting PEOs. Currently, 19 states have enacted privacy laws, with eight already in effect and 11 set to take effect between...more
Readers of this blog may recall a piece in which we discussed a New Jersey State law known as Daniel’s Law and Atlas Data Privacy Corporation (“Atlas Data”), a consumer data protection company. Shortly after Daniel’s Law was...more
On November 8, 2024, the California Privacy Protection Agency (CPPA) Board met to discuss and vote on various proposed California Consumer Privacy Act (CCPA) regulations related to cybersecurity audits, automated...more
It’s no longer good enough for your business to have a reactive approach to consumer privacy – you need a proactive strategy to manage compliance, foster consumer trust, and stay competitive in this modern era. While many...more
The California Consumer Privacy Act of 2018 (as amended, including by the California Privacy Rights Act, the CCPA) was drafted by a privacy rights activist, initially passed and later amended multiple times by the California...more
Comprehensive consumer privacy laws continue to hit the desks of governors in states across the country, with nineteen state laws now on the books. Since we wrote our 2023 Round-Up on State Consumer Data Privacy Laws article...more
The U.S. Court of Appeals for the Second Circuit reinstated a proposed class action by Michael Salazar against a professional sports organization on October 15, 2024, alleging violations of the Video Privacy Protection Act...more
California Governor Gavin Newsom approved an amendment to the California Consumer Privacy Act (CCPA) extending privacy rights to a person’s neural data. Neural data is defined as information that is generated by measuring the...more
Since the passage of the California Consumer Privacy Act (CCPA) in 2018, and in the absence of a comprehensive data privacy law at the federal level, states have increasingly sought to enact their own privacy legislation. ...more
Actions in the last six months of the Brazilian National Data Protection Authority (“ANPD”) suggest that it intends to aggressively enforce the Brazilian Data Protection Law (“LGPD”). The LGPD applies to any entity that...more
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
Keypoint: California district courts continue to split over whether “knowledge” is required to plead liability under Section 631(a)’s fourth prong while two decisions show courts taking different approaches to VPPA claims at...more
Keypoint: Courts have started to issue Pixel-based wiretapping decisions, the Seventh Circuit weighs in on when a manufacturer can be forced to pay arbitration fees, and three courts showed different approaches to dismissing...more
Sprawling. That’s one way to describe the nature of data and responsibilities in modern organizations. There’s a lot of personally identifiable information (PII) and sensitive data to track, and knowing what lives where so...more