Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
The Privacy Insider Podcast Episode 16: Protecting Privacy at Every Walk of Life with France Bélanger and Donna Wertalik of Virginia Tech
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
California has approved new regulations requiring some companies to conduct annual audits of their cybersecurity programs, including the policies, procedures, and practices for protecting personal information. On July 24,...more
In recent comments, Commissioner Holyoak signaled that the Federal Trade Commission will prioritize enforcement of the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA), a law that empowers the FTC to police...more
While March featured a flurry of newly introduced comprehensive privacy bills, state legislatures now appear to be primarily focused on pushing existing proposals through the chambers. ...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
We are back for our sixth year of tracking proposed state privacy legislation and fifth year of providing weekly updates. As in past years, we will track proposed state privacy legislation through these weekly updates and our...more
Starting January 2025, five state privacy laws will take effect, providing consumer privacy rights to a new swath of individuals across the country. Delaware, Iowa, Nebraska, and New Hampshire’s laws will go into effect on...more
The Federal Trade Commission (FTC) announced two significant enforcement actions last week – one against data broker Mobilewalla, Inc. and the other against data analytics provider Gravy Analytics, Inc. (and its subsidiary...more
On 19 September 2024, the Belgian Data Protection Authority (DPA) issued new Guidance on the interplay between the recently adopted EU Regulation on Artificial Intelligence (the AI Act) and the General Data Protection...more
Website owners often struggle to design privacy policies that are not only comprehensive, but also comprehensible. The tension between these competing concerns was in sharp focus in a recent Ninth Circuit decision, Calhoun v....more
State-level privacy laws in the United States continue to develop at a dizzying pace and it is understandably difficult to keep track of what takes effect when. Below we’ve outlined the statutes and regulations taking effect...more
Following a busy 2023 in which seven states enacted comprehensive privacy laws, we entered this year expecting additional activity on this front across state legislatures. The opening weeks of 2024 have not disappointed. Most...more
The enactment of biometric privacy laws is a growing trend across the country. Existing legislation has led to a boon of class action litigation against employers, consumer-facing businesses, and technology companies for...more
Many companies may be quick to dismiss Washington’s “My Health, My Data” (MHMD) as a health data law that does not apply to them. But there are many reasons you should think twice before disregarding this law....more
Californians voted to enact the California Privacy Rights Act (“CPRA”) almost one year ago. Last week, Governor Gavin Newsom signed three new privacy bills into law....more
On June 16, 2021, the Connecticut General Assembly adopted an expanded version of Connecticut’s data breach notification statute (2021 CT H.B. 5310 (NS)). Through this expansion, Connecticut’s data breach notification statute...more
China’s long-awaited Personal Information Protection Law (PIPL), after two rounds of draft versions, was finally passed by the Standing Committee of the National People's Congress on August 20, 2021, with the law effective...more
In Reference re Subsection 18.3(1) of the Federal Courts Act (the Reference), the Federal Court of Canada held that the Personal Information Protection and Electronic Documents Act, SC 2000, c 5 (PIPEDA) applies to internet...more
On July 6, the General Office of the Central Committee of China’s Communist Party and the General Office of the State Council jointly issued the Opinions on Strictly Cracking Down on Illegal Securities-related Activity in...more
The Japanese government has released the effective dates of substantial amendments to the Japanese Act on the Protection of Personal Information (“APPI”). The revised Act will fully come into effect on 1 April 2022. ...more
Last November, California voters approved Proposition 24, enacting the California Privacy Rights Act (“CPRA”). The CPRA amends the California Consumer Privacy Act (“CCPA”), which was already the most sweeping consumer data...more
The question of standing has proven to be a tricky one in data breach litigation. Last week a federal district court in Maryland rejected a proposed class action brought by Marriott guests related to a data breach suffered by...more
After what seemed like a set of fits and starts for the California Consumer Privacy Act (CCPA), which went into effect on January 1, 2020, California Attorney General Xavier Becerra announced the approval of the final...more
In some cases yes, and in other cases no. The CCPA defines “personal information” as information that, among other things, “is capable of being associated with” a particular consumer....more
As state legislatures begin their 2020 sessions, proposals for stronger privacy laws are at the top of the agenda across the country. Carrying forward the story we told in reports in February, April, and July of last year,...more