Data Driven Compliance: Understanding the ECCTA and Its Impact with Jonathan Armstrong
Suluki Secrets: Behind the Scenes of Reasonable Investigations — FCRA Focus Podcast
Understanding BBB Ratings: Building Trust and Mitigating Risks — Regulatory Oversight Podcast
PODCAST: PODCAST: Williams Mullen's Trending Now: An IP Podcast - Cease and Desist Letters: Protecting Your Intellectual Property the Right Way
Daily Compliance News: July 21, 2025, The More Reasons Not to Go to China Edition
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
Podcast - New Guidance on Complying with FTC Rule on Deceptive and Unfair Fees
State AG Pulse | The Inside Scoop: On Being Chief Deputy
Because that's what heroes Do: Deep Space 9 – Episode 31: Extreme Measures – Great Sci Fi and Moral Dilemmas
FCPA Compliance Report: Eric Morehead on Understanding The Role and Function of The U.S. Sentencing Commission
Consumer Finance Monitor Podcast Episode: Challenges of Using the Current Law to Address Dark Patterns, with Guest Gregory Dickinson, Assistant Professor, St. Thomas University
Consumer Finance Monitor Podcast Episode: Should Written Contracts be Eliminated for Small Dollar Transactions? With David Hoffman, University of Pennsylvania Carey Law School
Troutman Pepper Attorneys Update Fair Lending Handbook for the American Association of Bank Directors - The Consumer Finance Podcast
Season 2 Episode 4 - Russia Enforcement and the involvement of DOJ's Task Force KleptoCapture
PLI's inSecurities Podcast: A View From the Inside
Consumer Finance Podcast Monitor Episode: The Consumer Financial Protection Bureau’s Final Section 1071 Rule on Small Business Data Collection: What You Need to Know, Part II, Guest David Skanderson
Podcast Episode 179: How to Start and Succeed at Creating Your Law Firm Podcast
Winstead HOA Law Webinar: Deed Restriction Compliance – Legal Process
The Labor Law Insider - Pause Before You Discipline: NLRB Turns Against Civility in Lion Elastomers Decision
A Glimpse Into the Other Side: Understanding the Perspective of Government Enforcers
Like most U.S. states, Maine has a statute that requires investigations and sometimes notice to third parties after data breaches. The statute—the Notice of Risk to Personal Data Act—took effect in 2005. This article...more
Rhode Island’s Governor recently signed the Rhode Island Judicial Security Act (H5892), which aims to bolster the privacy and security of current and former judicial officers and their families by introducing several measures...more
Starting today, July 31, 2025, the Minnesota Consumer Data Privacy Act (“MCDPA”) officially takes effect. Signed by Governor Tim Walz in May 2024, this act majorly affects how the personal data of Minnesota residents is...more
In a recent report, a team of Morgan Lewis lawyers discussed enforcement of the US Department of Justice’s (DOJ’s) Data Security Program (DSP). The report outlines critical considerations for companies and entities that may...more
This monthly report outlines key developments in China’s data protection sector for July. The following events merit special attention: CAC Issues Third Edition of the Data Export Security Assessment Application Guide: On...more
According to Cybersecurity Dive, “Americans lost $16.6 billion to cyber fraud and internet crimes last year (2024), up 33% from the previous year. Phishing, spoofing and extortion topped the list of complaints, but investment...more
On April 8, 2025, the US Department of Justice’s National Security Division’s final rule regulating sensitive data about US persons came into effect. DOJ also announced a 90-day grace period on enforcement. At a moment of...more
The U.S. Department of Justice (“DOJ”) Data Security Program (“DSP”) 90-day enforcement grace period ended as of July 8, 2025. While the program became effective April 8, 2025, DOJ implemented a 90-day enforcement grace...more
Financial institutions across the United States have grappled with compliance requirements under the Customer Identification Program (CIP) Rule for more than two decades. A new exemption, approved in June 2025, promises...more
The U.S. Department of Justice (DOJ) is set to enforce its sweeping new rule on certain U.S. data transactions with countries of concern and covered persons as of July 9, 2025. The new rule regarding “Preventing Access to...more
This post is one in a series where we discuss the US Department of Justice’s (DOJ’s) bulk sensitive data rule (rule), which prohibits individuals or entities from certain foreign countries, including China, from accessing...more
On April 8, 2025, the Department of Justice’s Final Rule, titled “Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons,” (the “Final...more
China rolled out its “new,” streamlined cross-border data transfer (CBDT) regime on March 22, 2024, with the issuance by the Cyberspace Administration of China (CAC) of the Provisions on Facilitating and Regulating...more
The Interim AI Measures is China's first specific, administrative regulation on the management of generative AI services. Laws/Regulations/National Standards directly regulating AI (the "AI Regulations") The Cyberspace...more
A month has passed since the Department of Justice (DOJ) National Security Division’s (NSD) issued its Final Rule prohibiting certain transactions involving US government data and Americans’ bulk sensitive personal data....more
While the US federal government is largely scaling back its rulemaking and compliance efforts, one critical exception is where personal data and technology intersect with national security. Exemplifying this trend, on April...more
Effective as of April 8, 2025, the National Security Division of the U.S. Department of Justice (DOJ) has implemented a Data Security Program (the DSP) to address national security risks associated with the transfer of...more
The new Department of Justice (DOJ) rule governing international transfers of Americans’ information, codified at 28 C.F.R. Part 202, became effective on April 8, 2025....more
What's Changed? The U.S. Department of Justice (DOJ) published a Data Security Program (DSP), pursuant to a final rule (Final Rule), which became effective on April 8, 2025....more
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
As if legal and compliance professionals had enough responsibilities on their plates, DOJ dropped another shoe (to join the tariffs, sanctions and export controls, and immigration issues) and upped the stakes for ethics and...more
Hello, everyone. My name is Allan Medina. I am a partner in Goodwin’s Washington, DC, office, with a practice focus on government investigations. I’m here with Liza Craig, who is also a partner in the DC office. We are...more
In today’s digital landscape, privacy policies have evolved from obscure legal documents into essential corporate governance tools. As data privacy regulations expand globally, organizations face increasing compliance...more
The Data Security Program (DSP) recently implemented by the U.S. Department of Justice (DOJ) will have far-reaching implications for many businesses that transfer the personal data of U.S. citizens outside the United States....more
As Oregon’s data privacy landscape continues to evolve, nonprofits must take note: the Oregon Consumer Privacy Act (OCPA) will apply to nonprofit organizations beginning on July 1, 2025. The grace period granted to nonprofits...more