Data Driven Compliance: Understanding the ECCTA and Its Impact with Jonathan Armstrong
Suluki Secrets: Behind the Scenes of Reasonable Investigations — FCRA Focus Podcast
Understanding BBB Ratings: Building Trust and Mitigating Risks — Regulatory Oversight Podcast
PODCAST: PODCAST: Williams Mullen's Trending Now: An IP Podcast - Cease and Desist Letters: Protecting Your Intellectual Property the Right Way
Daily Compliance News: July 21, 2025, The More Reasons Not to Go to China Edition
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
Podcast - New Guidance on Complying with FTC Rule on Deceptive and Unfair Fees
State AG Pulse | The Inside Scoop: On Being Chief Deputy
Because that's what heroes Do: Deep Space 9 – Episode 31: Extreme Measures – Great Sci Fi and Moral Dilemmas
FCPA Compliance Report: Eric Morehead on Understanding The Role and Function of The U.S. Sentencing Commission
Consumer Finance Monitor Podcast Episode: Challenges of Using the Current Law to Address Dark Patterns, with Guest Gregory Dickinson, Assistant Professor, St. Thomas University
Consumer Finance Monitor Podcast Episode: Should Written Contracts be Eliminated for Small Dollar Transactions? With David Hoffman, University of Pennsylvania Carey Law School
Troutman Pepper Attorneys Update Fair Lending Handbook for the American Association of Bank Directors - The Consumer Finance Podcast
Season 2 Episode 4 - Russia Enforcement and the involvement of DOJ's Task Force KleptoCapture
PLI's inSecurities Podcast: A View From the Inside
Consumer Finance Podcast Monitor Episode: The Consumer Financial Protection Bureau’s Final Section 1071 Rule on Small Business Data Collection: What You Need to Know, Part II, Guest David Skanderson
Podcast Episode 179: How to Start and Succeed at Creating Your Law Firm Podcast
Winstead HOA Law Webinar: Deed Restriction Compliance – Legal Process
The Labor Law Insider - Pause Before You Discipline: NLRB Turns Against Civility in Lion Elastomers Decision
A Glimpse Into the Other Side: Understanding the Perspective of Government Enforcers
Like most U.S. states, Maine has a statute that requires investigations and sometimes notice to third parties after data breaches. The statute—the Notice of Risk to Personal Data Act—took effect in 2005. This article...more
Following its enactment earlier this year, Myanmar's Cybersecurity Law No. 1/2025 (the “Cybersecurity Law”) came into effect on 30 July 2025. It introduces a comprehensive framework regulating both domestic and international...more
As cybersecurity rises to the top of the corporate agenda, businesses face growing pressure to comply with the EU’s evolving regulatory landscape. Whether your company falls directly under EU cybersecurity laws or is...more
The EU has introduced Delegated Regulation (EU) 2025/1190, establishing the first harmonized standards for threat-led penetration testing ("TLPT") across the financial sector. The regulation aims to strengthen the cyber...more
This monthly report outlines key developments in China’s data protection sector for July. The following events merit special attention: CAC Issues Third Edition of the Data Export Security Assessment Application Guide: On...more
According to Cybersecurity Dive, “Americans lost $16.6 billion to cyber fraud and internet crimes last year (2024), up 33% from the previous year. Phishing, spoofing and extortion topped the list of complaints, but investment...more
On April 8, 2025, the US Department of Justice’s National Security Division’s final rule regulating sensitive data about US persons came into effect. DOJ also announced a 90-day grace period on enforcement. At a moment of...more
Texas Governor Greg Abbott has signed the App Store Accountability Act (“the Act”) into law, instituting sweeping new obligations regarding age verification and parental consent for app stores and app developers operating in...more
The U.S. Department of Justice (“DOJ”) Data Security Program (“DSP”) 90-day enforcement grace period ended as of July 8, 2025. While the program became effective April 8, 2025, DOJ implemented a 90-day enforcement grace...more
On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more
European cybersecurity risk management and reporting obligations have received a substantial facelift. The Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the EU (“NIS 2”) became effective...more
On June 25, 2025, the European Commission published the long-anticipated draft EU Space Act (“Act”), a potentially landmark regulation that will apply to both EU and non-EU operators providing space services in Europe. The...more
This post is one in a series where we discuss the US Department of Justice’s (DOJ’s) bulk sensitive data rule (rule), which prohibits individuals or entities from certain foreign countries, including China, from accessing...more
Online retailers now face an increasingly complex matrix of state consumer-privacy statutes that impose prescriptive requirements on data collection, monetization, and cybersecurity practices. ...more
On April 8, 2025, the Department of Justice’s Final Rule, titled “Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons,” (the “Final...more
In today's world, violations of individual privacy and secret disclosure are a serious problem. It may be eavesdropping, interception, recording, and the spreading of personal information without the consent of the other...more
After a relatively slow start to 2025, the California Privacy Protection Agency (CPPA) is firing on all cylinders now. In recent weeks, the CPPA (i) revised the proposed Delete Request and Opt-out Platform (DROP) regulations...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
Consider trade secret enforcement your armor on the battlefields of IP. Given greater exposure to cybersecurity breaches and data theft, a murky future for employee noncompete agreements, AI algorithms that challenge the...more
Today, the HHS Office for Civil Rights (OCR) stands shoulder-to-shoulder with the likes of the Office of Inspector General and Office of General Counsel, one of just a dozen or so agencies reporting directly to the secretary....more
The Artificial Intelligence Act (AI Act) is the world's first comprehensive legal framework for AI regulation, which entered into force on August 1, 2024. The AI Act aims to ensure that AI systems are trustworthy, safe and...more
Uncertainty was a prominent theme at last week’s ABA White Collar Crime Institute. The Trump administration has issued a series of directives that seem to shift and narrow the scope of (if not entirely abandon) a host of...more
Although the change in administrations has heralded shifting enforcement priorities at the U.S. Department of Justice (DOJ), cybersecurity enforcement under the False Claims Act (FCA) appears to be alive and well. That is the...more
At the end of last week, the SEC announced the establishment of a new Cyber and Emerging Technologies Unit, designed to replace the current Crypto Assets and Cyber Unit and to complement the work of the newly established...more
In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more