We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
- What is new: The ICO is proposing to relax its enforcement of cookie consent requirements, meaning user consent would not be required for lower-risk advertising cookies. - Why it matters: The proposals aim to address...more
With the continued absence of comprehensive federal privacy legislation after nearly 20 years of debate, state attorneys general (AGs) are increasingly asserting their role as primary regulators in the data privacy space....more
If your business operates a website or provides online services that collect data about children, you should be aware of expanding legal requirements from U.S. states regulating how private companies interact with minors....more
The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more
New York ‘s Child Data Protection Act, available here, took effect on June 20. This is a landmark piece of legislation designed to enhance the online privacy and safety of minors. As concerns over children’s digital...more
The US “comprehensive” law landscape continues to expand, with two more states—Tennessee (July 1) and Minnesota (July 31) —joining the “comprehensive” privacy law club. Five of these -Delaware, Iowa, Nebraska, New Hampshire,...more
On June 19, 2025, the UK Data (Use and Access) Act 2025 was enacted, marking the culmination of a lengthy legislative process aimed at reshaping aspects of the country’s data protection regime. First proposed in 2021 as part...more
Next month ushers in two new US state comprehensive consumer privacy laws in Tennessee and Minnesota, which become effective on July 1 and July 31, respectively. While these laws track the current plethora of US state...more
Key Takeaways - - Amendments to the Colorado Privacy Act, which go into effect on July 1, 2025, establish obligations surrounding both biometric identifiers and biometric data and the broader category of biometric...more
Online retailers now face an increasingly complex matrix of state consumer-privacy statutes that impose prescriptive requirements on data collection, monetization, and cybersecurity practices. ...more
On 10 June 2025, the new statutory tort for serious invasions of privacy came into force as part of a suite of privacy reforms passed last year, substantially enhancing privacy protections and signalling a material shift in...more
When it comes to safeguarding health data, the Health Insurance Portability and Accountability Act (HIPAA) is paramount. HIPAA’s extensive reach encompasses nearly all healthcare providers and all health plans, affecting just...more
For the second installment of this series on the new California Consumer Privacy Act (CCPA) Regs, we are looking at consumer request processes. One major eye opener: Tracker opt-outs must be immediate and you may not be...more
On April 23 and 24, 2025, regulators, industry leaders and data privacy leaders from across the globe convened in Washington, D.C. for the 2025 International Association of Privacy Professionals (IAPP) Global Privacy Summit....more
While March featured a flurry of newly introduced comprehensive privacy bills, state legislatures now appear to be primarily focused on pushing existing proposals through the chambers. ...more
The states bounced back from a somewhat quiet previous biweekly update with several noteworthy developments in the last two weeks. A total of five new state comprehensive privacy bills were introduced in Maine (LD 1224),...more
Normally, we do a mid-year check-in on privacy regulatory activity. But it’s like we’ve lived through six months of events in the last 8 weeks. A new administration making some big moves; some precedent-setting enforcement...more
The UK’s data protection regulator, the Information Commissioner’s Office (ICO), has recently announced investigations into three companies in connection with the use of children’s personal information. In a statement on...more
Keypoint: Last week, the Utah legislature passed two bills prior to closing while Georgia’s Senate passed a consumer data privacy bill and the Arizona House passed a social media bill. Below is the ninth weekly update on...more
Please visit here to visit our Mintz Matrix page with the latest edition of the Mintz Matrix, which is a 50-state resource we have maintained since 2009 to break down and summarize requirements of U.S. state data breach...more
Keypoint: Last week, the Virginia legislature passed a VCDPA amendment, kid’s privacy bills crossed chambers in South Carolina and Utah, and lawmakers continued to introduce new bills on various topics. Below is the seventh...more
Considering the rapid development and deployment of artificial intelligence (AI) in a wide array of applications and business sectors, it can be a daunting task for a company’s General Counsel (GC) to keep pace in identifying...more
Keypoint: Last week saw a flurry of activity across numerous states, including bills advancing in Virginia, Oklahoma, Washington, Utah, and South Carolina, while lawmakers continued to introduce bills across the country. ...more
2024 was a pivotal year in the regulation of data practices, with increased scrutiny of artificial intelligence (AI), data brokers, and the ecosystem of commercial data, and the continued proliferation of comprehensive United...more
On January 29, 2025, the General Court of the European Union delivered a significant judgment concerning the powers and competences of the European Data Protection Board ("EDPB"). The case involved the Data Protection...more