We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
2022 DSIR Report Deeper Dive: Personal Data Deletion
As of July 9, the U.S. Department of Justice has begun full enforcement of a sweeping new data regulation known as the Sensitive Data Rule, or “SDR.” Implemented under President Biden’s Executive Order 14117, the SDR marks a...more
Last week, on July 14, 2025, a New York federal court issued a general stay of enforcement of the NY Algorithmic Pricing Disclosure Act, which went into effect just days earlier, on July 8, 2025. As a result, businesses...more
July 23, 2025 Mark D. Metrey On July 8, 2025, Connecticut Attorney General William Tong announced the state's first public enforcement action under the Connecticut Data Privacy Act (CTDPA) against TicketNetwork, Inc....more
The U.S. Department of Justice has added a new weapon to its enforcement arsenal, aimed at enhancing its ability to prevent foreign adversaries from accessing and exploiting government related data and sensitive personal data...more
In recent comments, Commissioner Holyoak signaled that the Federal Trade Commission will prioritize enforcement of the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA), a law that empowers the FTC to police...more
The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more
This monthly report outlines key developments in China’s data protection sector for July. The following events merit special attention: CAC Issues Third Edition of the Data Export Security Assessment Application Guide: On...more
Connecticut Attorney General William Tong recently announced the state’s first-ever enforcement settlement under the Connecticut Data Privacy Act (CTDPA) with TicketNetwork, Inc., an online ticket marketplace. The settlement...more
On July 9, 2025, the Department of Justice (“DOJ”) commenced enforcement of its new Data Security Program (“DSP”) to prevent foreign adversaries from accessing sensitive U.S. data. Created earlier this year, the program seeks...more
Recent enforcement activities in California and Connecticut highlight that states are ready and willing to actively enforce their comprehensive privacy laws. These recent actions – which continue the trend of states ramping...more
On July 8, Connecticut Attorney General William Tong announced a settlement with TicketNetwork, Inc. for alleged violations of the Connecticut Data Privacy Act (CTDPA). The settlement is the first publicly announced...more
Now that we have passed the halfway mark in 2025, we are taking a look back at significant developments that have already occurred this year in the consumer data privacy landscape. Five more states’ comprehensive privacy laws...more
Connecticut continues to refine its data privacy act as it implements its first violation settlement. TicketNetwork, Inc., reached a settlement of $85,000 for deficiencies in its privacy notice to consumers. Despite receiving...more
On July 8, the DOJ’s National Security Division (NSD) will begin enforcing its Data Security Program according to a notice from April titled “Data Security Program Implementation and Enforcement Policy” which outlined the...more
Here are curated AG and federal regulatory news stories highlighting key areas in which state and federal regulators’ decisions are having an impact across the US: • AGs Renew Call for FDA Guidance on Toxic Heavy Metals in...more
Nebraska AG Mike Hilgers sued General Motors LLC and its subsidiary OnStar LLC (collectively, “GM”) over allegations that GM misled vehicle purchasers into enrolling in programs that collected and shared their driving data...more
20 Democratic AGs sued HHS and DHS for allegedly sharing personal health data with ICE. The complaint alleges that the Centers for Medicare & Medicaid Services—a division of HHS—transferred millions of individuals’ Medicaid...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
Welcome to this month’s issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security, & Data Protection practice....more
The US Department of Justice’s (DOJ’s) final rule implementing Executive Order (EO) 14117, Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern went...more
The Department of Justice (“DOJ”) implemented the Data Security Program (“DSP”) intending to prevent access to Americans’ bulk sensitive personal data and government-related data by Countries of Concern. The DSP is aimed at...more
The Italian Data Protection Authority has issued a new decision that further restricts employers’ ability to use information from third-party reports, private conversations, or social media posts as evidence in disciplinary...more
Editor’s Note: Europe’s regulatory landscape has undergone a fundamental transformation, extending far beyond GDPR’s foundational framework to encompass a complex ecosystem of interconnected laws governing digital platforms,...more
On July 8, 2025, the Department of Justice (“DOJ”) is set to lift its self-imposed pause on enforcing certain violations of its Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of...more
A bipartisan coalition of 28 AGs have filed a lawsuit against 23andMe Holding Co. and 23andMe, Inc. (collectively “23andMe”) to protect human genetic data collected by the company from being sold without consumers’ consent as...more