Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
In response to 2024 legislative amendments to the Colorado Privacy Act (CPA), Colorado’s Department of Law (CO DOL) has issued a Notice of Proposed Rulemaking, proposing draft amendments to the CPA rules (Proposed Rules)...more
Key point: Colorado’s Department of Law is soliciting public comments through September 5, 2025, on revised privacy rules to protect minors’ personal data and online privacy. On July 29, the Colorado Department of Law issued...more
If your business operates a website or provides online services that collect data about children, you should be aware of expanding legal requirements from U.S. states regulating how private companies interact with minors....more
Many U.S. states have recently added provisions regarding “minors” that greatly exceed what is required under the Children’s Online Privacy Protection Act (COPPA). In short, the new laws generally apply to people under 18,...more
Vermont’s new “Kids Code” hopes to improve children’s safety online by regulating the privacy, design, and data use of certain entities providing online services and collecting data about minors....more
New York ‘s Child Data Protection Act, available here, took effect on June 20. This is a landmark piece of legislation designed to enhance the online privacy and safety of minors. As concerns over children’s digital...more
Vermont has joined the list of states attempting to regulate the use of children’s information collected online, passing an Age-Appropriate Design Code Act. This law mirrors ones we have seen in other US states as well as the...more
On June 20, 2025, the New York Child Data Protection Act (CDPA) took effect, ushering in some of the most comprehensive child and teen privacy protections in the United States. The law applies to operators of websites, apps,...more
On June 12, 2025, Vermont Governor Phil Scott signed the Vermont Age-Appropriate Design Code Act (AADC), which will impose a range of obligations on businesses that offer online products, services, or features likely to be...more
Vermont recently adopted the Vermont Age-Appropriate Design Code Act, which goes into effect on January 1, 2027. The law is enforceable by the Vermont Attorney General as an unfair or deceptive act or practice. The Attorney...more
On April 21, 2025, Arkansas Governor Sarah Huckabee Sanders signed HB 1717 into law. HB 1717, which will take effect on July 1, 2026, prohibits operators of online services “directed at children” or operators with “actual...more
Keypoint: It was a very active week with movement on numerous bills, in particular in Virginia, as well as new bills introduced across the country. Below is the fifth weekly update on the status of proposed state privacy...more
The CNIL has published its strategic plan for the period of 2025-2028. This is typical of the CNIL, who regularly inform its stakeholders of its priorities....more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
On August 1, 2024, New York Attorney General (“AG”) Letitia James issued two advanced notices of proposed rulemaking (“ANPRs”) for the Stop Addictive Feeds Exploitation (SAFE) for Kids Act (the “SAFE Act”) and the Child Data...more
On July 30, 2024, in a 91-3 vote, the U.S. Senate passed the bill for the Kids Online Safety and Privacy Act (the “Bill”). The Bill, which combines the bills for the Kids Online Safety Act (“KOSA”) and the Children and Teens’...more
On July 7, the FTC and the Los Angeles District Attorney’s Office filed a complaint in the United States District Court for the Central District of California against the developer of an anonymous messaging app (NGL Labs,...more
On June 18, 2024, California Attorney General (“AG”) Rob Bonta and Los Angeles City Attorney Hydee Feldstein Soto announced a settlement with a video game developer and publisher regarding allegations that the company...more
The Brazilian Data Protection Authority (“ANPD”) recently released a public consultation seeking answers from the public to questions the ANPD is making available until July 17, 2024. The answers will help the ANPD build its...more
The Federal Trade Commission (FTC) released a Notice of Proposed Rulemaking (“NPRM”) on December 20, 2023 that proposes changes to the Children’s Online Privacy Protection Act Rule (“COPPA Rule”). COPPA, in effect since 2000,...more
Online services have until 31 May to respond to 16 draft standards of age-appropriate design. The ICO is required by s123 of the Data Protection Act 2018 to prepare a code of practice which contains guidance on standards...more