Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
The TAKE IT DOWN Act (the Act), enacted on May 19, 2025, is a powerful (and controversial) new tool designed to stop people from sharing “nonconsensual intimate imagery,” or NCII, online. The Act does two main things: it...more
On April 22, 2025, the Federal Trade Commission (FTC or the Commission) published an updated Children’s Online Privacy Protection Act (COPPA) Rule (Rule) in the Federal Register. The updates are effective June 23, 2025. But...more
In Ryan v. X Corp., a Northern District of California court held that Section 230 of the Communications Decency Act immunized X (formerly Twitter) against claims arising from suspension of a user’s account, notwithstanding...more
In our recent webinar, members of the Eversheds Sutherland Insurance Practice Group discussed noteworthy developments from the National Association of Insurance Commissioners (NAIC) Fall National Meeting that was held in...more
The Federal Trade Commission (FTC) has a long-standing habit of creating legal obligations through blog posts. Recent communications from the FTC by way of its Office of Technology Blog evidence an aggressive expectation...more
The U.S. Departments of Justice and Commerce, as well as the European Commission recently launched the EU-US Data Privacy Framework (“DPF”), marking a significant shift from the previous frameworks such as Safe Harbor and...more
In this episode of On Record PR, Gina Rubel goes on record with Aihong Yu, Chief Privacy Counsel of CDK Global, to discuss how embracing privacy and security measures…...more
Publicly announced Foreign Corrupt Practices Act (FCPA) enforcement activity in 2023 did not return to the levels seen a few years ago, as indicated by both the total number of cases against corporate and individual...more
The FTC is proposing significant changes to the Children’s Online Privacy Protection Act (COPPA) rule to place new restrictions on the use and disclosure of children’s personal information. The COPPA Rule requires websites...more
Cybersecurity and data privacy risks continue to loom large with potentially significant consequences. Litigation, often filed soon after incidents, adds to the possible repercussions. In our previous article, we discussed a...more
Iowa recently became the fifth state to offer businesses a safe harbor if they have a written cybersecurity program. Others are Connecticut (October 1, 2021), Ohio (effective November 2, 2018), Oregon (effective January 1,...more
If your business transfers data from the European Union to the United States, you’ve likely been keeping an eye on the EU-U.S. Data Privacy Framework (EU-U.S. DPF) for the past several years. The long-awaited adequacy...more
Iowa becomes the fourth U.S. state to provide an affirmative defense for companies that adopt a cybersecurity framework - Iowa is the fourth state—following Ohio, Connecticut, and Utah—to provide a statutory incentive for...more
On July 10, the European Commission (EC) published its data adequacy decision for the new EU-U.S. Data Privacy Framework (EU-U.S. DPF). This means that companies can transfer personal data from EU countries and from Iceland,...more
On June 5-6, 2023, the NAIC Privacy Protections (H) Working Group (“PPWG”) held an in-person interim meeting (“session”) to continue its work on drafting a new model privacy law, the Insurance Consumer Privacy Protection...more
The process for data transfers from the EU to the US under Standard Contractual Clauses has been back in the news recently, leading many to ask: will the proposed EU-US Data Privacy Framework be approved by the Europeans...more
The Strategy’s liability proposal represents a fundamental change in the cybersecurity market for software markers. Proposed legislation would seek to restrict software providers’ ability to limit liability while also...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
Earlier this month, HHS’s Office for Civil Rights (OCR) issued a Request for Information (RFI) seeking comments on a statutory provision adopted last year that provides a quasi-safe harbor for entities that have voluntarily...more
The European Union’s General Data Protection Regulation (GDPR) prohibits transfers of personal information about Europeans to destinations outside of the EU unless one of several tests is satisfied. As pertains to transfers...more
On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more
Connecticut’s new cybersecurity standards law, which goes into effect on October 1, 2021, protects companies from punitive damages in certain data breach actions where an organization has a cybersecurity program that conforms...more
In this month’s edition of our Privacy & Cybersecurity Update, we examine FINRA’s report on cloud computing, Connecticut’s new safe harbor for companies following certain cybersecurity protocols and a district court dismissal...more
The FTC recently announced the removal of Aristotle International, Inc. from the list of seven approved safe harbor programs under the Children’s Online Privacy Protection Act. Programs that are approved by the FTC must place...more
In an unusual but significant move, on August 4, 2021, the Federal Trade Commission (FTC) removed Aristotle International from the Children’s Online Privacy Protection Act (COPPA) Safe Harbor List. ...more