Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
If your business operates a website or provides online services that collect data about children, you should be aware of expanding legal requirements from U.S. states regulating how private companies interact with minors....more
New Jersey officials recently released proposed privacy regulations that would create several new compliance obligations for businesses above and beyond what existing state law and many other state laws require, meaning you...more
Keypoint: Last week, the Virginia legislature passed a VCDPA amendment, kid’s privacy bills crossed chambers in South Carolina and Utah, and lawmakers continued to introduce new bills on various topics. Below is the seventh...more
Keypoint: Last week saw a flurry of activity across numerous states, including bills advancing in Virginia, Oklahoma, Washington, Utah, and South Carolina, while lawmakers continued to introduce bills across the country. ...more
Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more
Website owners often struggle to design privacy policies that are not only comprehensive, but also comprehensible. The tension between these competing concerns was in sharp focus in a recent Ninth Circuit decision, Calhoun v....more
In Part I, we discussed the European Commission’s (“Commission”) disapproval of Meta’s “pay or consent” subscription model. In Part II, we delve into the European Commission’s findings, prior findings by the European Data...more
Right on the heels of the Illinois Supreme Court’s decision in Tims, the Court delivered yet another crushing blow to Illinois businesses in Cothron v. White Castle System, Inc. Answering the crucial question of when a...more
Colorado Attorney General Phil Weiser has published revisions to the Colorado Privacy Act rules, as well as some additional questions for public feedback. His questions include: What are the pros and cons of using IP...more
The Colorado attorney general’s office sent shockwaves throughout the privacy world on September 30, 2022, when it published its proposed Colorado Privacy Act (CPA) draft rules (Draft Rules). The Draft Rules are complex and...more
Californians voted to enact the California Privacy Rights Act (“CPRA”) almost one year ago. Last week, Governor Gavin Newsom signed three new privacy bills into law....more
Colorado passes its own omnibus state privacy law. Although there are overlaps with the California and Virginia privacy laws, the Colorado Privacy Act has its own distinctions and variations, namely a longer cure period and...more
Last November, California voters approved Proposition 24, enacting the California Privacy Rights Act (“CPRA”). The CPRA amends the California Consumer Privacy Act (“CCPA”), which was already the most sweeping consumer data...more
Virginia became the second state after California to pass a comprehensive privacy law when the governor signed the Consumer Data Protection Act, which contains many elements found in the California Consumer Privacy Act and...more
Keypoint: LGPD is a complicated regulatory regime that will required U.S. entities subject to its requirements to undertake substantial compliance efforts. As documented in Dirceu Santa Rosa’s article for the IAPP’s Privacy...more
After what seemed like a set of fits and starts for the California Consumer Privacy Act (CCPA), which went into effect on January 1, 2020, California Attorney General Xavier Becerra announced the approval of the final...more
On May 4, 2020, the European Data Protection Board adopted updated guidelines on what does and does not constitute consent under the General Data Protection Regulation (GDPR) in certain situations. Consent is one of the...more
The Florida Senate and House of Representatives are considering two bills (SB 1670 and HB 963) that, if adopted, will amend Florida law to create the state’s first comprehensive privacy law (though they do not go nearly as...more
On 1 October 2019, the Court of Justice of the European Union (CJEU) issued its long-awaited decision in the case Planet49 (Case C-673/17). The decision clarifies the requirements for valid cookie consent under Directive...more
The European Union's General Data Protection Regulation ("GDPR") is arguably the most comprehensive - and complex - data privacy regulation in the world. Although the GDPR went into force on May 25, 2018, there continues to...more
The closure of four cases involving targeted advertising provides lessons for navigating compliance standards under the GDPR. The recent closure of cases brought by the French Data Protection Authority (CNIL) against four...more
Six months have now passed since the implementation of the EU General Data Protection Regulation (GDPR). The GDPR has raised awareness of the importance of personal privacy as a fundamental right and placed data protection...more
In what may be a glimpse into the next frontier in class action litigation, two federal courts recently disposed of putative class actions alleging violations of state privacy laws involving genetic and biometric data....more
One of the most striking changes to EU privacy law under the EU’s General Data Protection Regulation (which goes into effect May 25, 2018) is the very strict approach to user consent. For many years, companies operating in...more
On Friday, Oct. 2, home design and renovation company, Houzz, Inc., reached a settlement with the Office of California Attorney General Kamala Harris over allegations that Houzz had recorded customer and employee...more