Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
In November 2024, the Township of White Lake, Michigan, fell victim to a cyberattack resulting in the wiring of approximately $29 million to the unauthorized account of the culprit. Before White Lake imminently closed on its...more
As an attorney focused on technology transactions and counseling, I approach new technologies with both curiosity and caution. Like many lawyers, I tend to be skeptical until I fully understand how something works....more
While many systems that are described as AI have been around for decades (e.g., internet search engines), today’s AI tools are much more powerful and are widely accessible. Generative AI and agentic AI extend the power of...more
In recent comments, Commissioner Holyoak signaled that the Federal Trade Commission will prioritize enforcement of the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA), a law that empowers the FTC to police...more
Ontario’s Information and Privacy Commissioner (IPC) has released a new Privacy Management Handbook (Handbook) aimed at assisting small healthcare organizations to meet their privacy obligations under Ontario’s health...more
Join Morrison Foerster’s global Privacy + Data Security Group for our masterclass webinar, “Caught in the Web: Untangling Challenges to Teen Online Safety Laws." We will break down the evolving legal landscape around teen...more
Last week’s NFL draft highlighted more than the accomplishments of athletes at the combine or on the field. While there was extensive coverage of the merits of each player, one of the major headlines coming out of the draft...more
The Spanish Government has published the Preliminary Draft Act for the proper use and governance of Artificial Intelligence (the "Draft Act"), which aims to complement and develop the framework set out by the AI Regulation....more
A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more
Normally, we do a mid-year check-in on privacy regulatory activity. But it’s like we’ve lived through six months of events in the last 8 weeks. A new administration making some big moves; some precedent-setting enforcement...more
We are now on the first stop – illegal harms – of Ofcom’s (the UK’s online safety regulator) roadmap for what online providers must do to comply with the OSA. - By March 16, 2025, in-scope services must assess the risk of...more
From today, online platforms are expected to have risk assessments in place to understand how likely it is for its users to encounter illegal content on their service....more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
When was the last time you thought about “data on file” (“DOF”)? Probably not recently, but last week, the U.S. Food and Drug Administration (FDA) Office of Prescription Drug Promotion (OPDP) posted an untitled letter (the...more
Faced with emerging challenges in privacy and cybersecurity, state attorneys general (AGs) are at the forefront of enforcement. Companies face increasing expectations to implement robust cybersecurity programs, promptly...more
Public-private partnerships across the world between financial institutions, financial intelligence units and investigative authorities have laid the foundation to advance criminal investigations. However, there is further...more
The UK’s Online Safety Act 2023 (OSA) is a comprehensive piece of legislation designed to regulate social media companies and search services and to increase protections for individuals online. It draws comparisons to the...more
On January 23, 2025, PayPal settled an enforcement action brought by the New York State Department of Financial Services (NY DFS) for failing to comply with cybersecurity regulations required for financial services businesses...more
As 2025 progresses, one thing is clear—GDPR enforcement is not slowing down. In fact, regulators across Europe are intensifying their scrutiny, handing out significant fines and even warning executives of potential personal...more
On February 4, 2025, the European Commission (EC) issued draft guidelines clarifying the AI practices that are prohibited under the European Union’s (EU) Artificial Intelligence (AI) Act. While non-binding, the guidelines...more
In this article, we share a timeline of our monthly "bites" for 2024 applicable to companies in FinTech. The Consumer Financial Protection Bureau was on a tear in the months leading up to the election and the inauguration of...more
On February 4, the California DFPI announced a consent order issued against a credit union (respondent) following a significant cybersecurity breach. This breach, a ransomware attack, allegedly led to the shutdown of various...more
The European Union Artificial Intelligence Act (AI Act) entered into force on 1 August 2024. The AI Act establishes a risk-based approach to AI, prohibiting certain practices that are deemed unacceptable, such as social...more
The Department of Justice (“DOJ”) published its final regulations on “Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons” (the “Final Rule”). The Final...more
On January 13, 2025, the Securities and Exchange Commission (“SEC”) filed a settled enforcement action against Ashford Inc. (“Ashford” or “the Company”), a company that provides products and services to the real estate and...more