Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
On April 11, 2025, the Department of Justice (DOJ) announced additional guidance regarding the implementation of the Final Rule (the “Rule”), Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and...more
On March 12, 2025, the California Privacy Protection Agency (the Agency) announced a settlement with American Honda Motor Company, Inc. (Honda) for multiple violations of the California Consumer Privacy Act (CCPA),...more
New York Attorney General (AG) Letitia James and global movie theater operator National Amusements, Inc. (National) settled a lawsuit stemming from a 2022 data breach reported by National, which affected 82,128 National...more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
Carriers have an obligation to protect customer proprietary network information (CPNI) and personally identifiable information (PI). Several recent FCC consent decrees resolving breaches of CPNI and PI show the FCC will hold...more
The State of Texas and Meta Platforms Inc. (“Meta”) have agreed to a $1.4 billion settlement, to be paid out over five years, to resolve claims relating to Meta’s alleged use of facial recognition technology without user...more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
The Brazilian Data Protection Authority (Autoridade Nacional de Proteção de Dados, “ANPD”), applied its first two sanctions of 2024 against two Brazilian governmental institutions. It is worth noting that, as both are public...more
State regulators across the country continue to increase their focus on cyber security and data privacy compliance and enforcement. For years, cloud company Blackbaud, a service provider to thousands of nonprofit enterprises,...more
In Short - The Situation: Following a cyberattack on a law firm's systems, the Securities and Exchange Commission ("SEC") subpoenaed the firm for information, including the identity of clients whose information may have...more
The FTC recently proposed amendments to the Health Breach Notification Rule (HBNR). This is on trend with its aggressive interest over the last couple of years in health data not covered by HIPAA....more
In February 2023, the Brazilian National Data Protection Authority (ANPD) published the rules for the application of sanctions and the methodology for calculating fines for violation of their General Data Protection Law...more
On January 9, the U.S. District Court for the District of New Mexico granted preliminary approval of a class action settlement in a data breach suit that allegedly compromised approximately 191,000 individuals’ personally...more
The Federal Trade Commission will have its eye on privacy and data security enforcement in 2023. In August, the agency announced that it is exploring ways to crack down on lax data security practices. In the announcement,...more
This year has seen some substantial new data breach settlements including a $500,000 Federal Trade Commission (FTC) fine against CafePress, a $1.25 million multi-state class action settlement and $5 million New York...more
Continuing a trend it has been pursuing, the CFPB on Thursday used a non-rulemaking circular (Consumer Financial Protection Circular 2022-04) to state that its UDAAP authority extends its enforcement authority to situations...more
CYBERSECURITY - Verizon’s 2022 Data Breach Investigations Report: A Must Read - I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. (Just...more
Our Privacy, Cyber & Data Strategy and Consumer Protection/FTC teams offer key takeaways from the Federal Trade Commission’s enforcement action in the midst of renewed emphasis on children’s privacy by both the Biden...more
We continue our year-end review of SEC enforcement activity and turn our attention to a topic grabbing seemingly daily headlines across multiple industries: cybersecurity. As the risks – and realities – of cyberattacks...more
This is the time of year for thought pieces reflecting on the past year or so to speculate on the hot topics for next year. I began to wonder about California Consumer Privacy Act (CCPA) enforcement actions over the past year...more
New Mexico’s Attorney General, Hector Balderas, continues to champion children’s online privacy protections, this time settling with Google over alleged violations of the Children’s Online Privacy Protection Act (COPPA). ...more
The Justice Department continues to attack and dismantle global ransomware extortion organizations. Business surveys often confirm that executives are hyper-focused on the risk of ransomware attacks against businesses....more
CYBERSECURITY - Medical Center Rebuilding EMR Following Ransomware Attack - Queen Creek Medical Center (QCMC), also known as Desert Wells Family Medicine, located in Arizona, has notified up to 35,000 patients of a data...more
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more
On August 30, 2021, the Securities and Exchange Commission (SEC) announced that eight broker-dealers and/or investment advisers will pay civil monetary penalties to resolve enforcement actions arising from cybersecurity...more