Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
In August 2024, Brazil’s Data Protection Agency—Autoridade Nacional de Proteção de Dados (ANPD)—issued the International Transfer Regulations, including the Standard Contractual Clauses (SCCs) template. The SCCs are currently...more
California has approved new regulations requiring some companies to conduct annual audits of their cybersecurity programs, including the policies, procedures, and practices for protecting personal information. On July 24,...more
In this Privacy, Cyber & AI Decoded alert, we cover Colorado’s Biometric Identifier Requirements, Delaware’s Data Protection Assessment Requirement, Minnesota’s new comprehensive privacy law going into effect, Tennessee’s...more
New Jersey recently released draft privacy regulations, and there is a lot to unpack and process. In this three-part series, I will break down the regulations - Part 1: The New Personal data: • Scraping is carved...more
On July 8, 2025, the Department of Justice (“DOJ”) is set to lift its self-imposed pause on enforcing certain violations of its Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of...more
With the use of artificial intelligence (“AI”) becoming more pervasive every day, it should not surprise our readers that regulators are increasingly focused on the use of AI and its associated consumer data privacy...more
Pursuant to a newly effective U.S. Department of Justice (DOJ) regulation, the transfer and storage of certain sensitive U.S. government and personal data may be prohibited or restricted, depending on the intended recipient,...more
India’s Ministry of Electronics and Information Technology (MeitY) released in June 2025 a Business Requirement Document for Consent Management Under the DPDP Act, 2023 (BRD). The BRD, while not legally binding, provides...more
China rolled out its “new,” streamlined cross-border data transfer (CBDT) regime on March 22, 2024, with the issuance by the Cyberspace Administration of China (CAC) of the Provisions on Facilitating and Regulating...more
Here are some recent privacy and cybersecurity related news stories that caught our attention over the past couple of weeks. California Privacy Protection Agency (CPPA) Issues New Proposed Regulations - The CPPA has...more
The new Department of Justice (DOJ) rule governing international transfers of Americans’ information, codified at 28 C.F.R. Part 202, became effective on April 8, 2025....more
On April 11, the Department of Justice issued an extensive set of FAQs on its Bulk Data Access Rule and advised that it “will not prioritize civil enforcement actions against any person for violations” of the Rule through...more
As companies increasingly leverage automated technologies in their recruiting and hiring processes, legislators and regulators are increasingly focused on establishing guardrails to ensure fairness. As a result, companies...more
Many “good government” initiatives continue to be enacted or implemented on Capitol Hill or in the Executive Branch — notwithstanding changes in political control. While working on Capitol Hill, the bulk of the legislative...more
El pasado 20 de marzo de 2025 se publicó la nueva Ley Federal de Protección de Datos Personales en Posesión de los Particulares (“LFPDPPP”) que entró en vigor el 21 de marzo del presente año y que contiene importantes cambios...more
On March 20, 2025, the new Federal Law on the Protection of Personal Data Held by Private Parties (FLPPD) was published. This law came into force on March 21, and contains important changes in terms of privacy....more
The Colorado Department of Law adopted new regulations governing the collection and use of biometric identifiers and information about those under the age of 18 and put in place a new mechanism through which businesses can...more
Things happen quickly in the world of data privacy. With new laws being enacted, regulations continuing to develop and enforcements an ongoing reality, we thought a brief update on recent developments in U.S. comprehensive...more
The Personal Data Protection (Amendment) Bill 2024 (“PDPB”) was at last passed by the Malaysian Parliament at the end of July. After Royal Assent and publishing, it will become law (on a date to be determined by the Minister...more
Rhode Island has become the 19th U.S. state to enact a comprehensive privacy law. On June 25, Rhode Island Governor Daniel McKee (D) transmitted the Rhode Island Data Transparency and Privacy Protection Act (RI-DTPPA) into...more
With state privacy laws continuing to increase, will the federal American Privacy Rights Act be adopted? Over 18 states have now enacted comprehensive state privacy laws, three of which go into effect on July 1, 2024, in...more
On May 24 2024, Senate Bill 4757, a bill for an act relating to commerce containing the Minnesota Consumer Data Privacy Act (the 'Act'), was approved by the Governor of Minnesota. The Act, which becomes effective on July 31...more
On May 9, Maryland became the second state to enact an (AADC), the Maryland Kids Code, alongside the Maryland Online Data Privacy Act (MODPA) — Maryland’s first comprehensive data privacy bill. Maryland’s AADC follows...more
On 17 April, 2024, Nebraska Governor Jim Pillen signed into law omnibus Legislative Bill 1074, which includes the Nebraska Data Privacy Act, making Nebraska the seventeenth state to adopt comprehensive data privacy...more
Nebraska’s governor has now signed into law the state’s “comprehensive” privacy law making it the fourth one this year, and the 17th overall. It will take effect on January 1, 2025 – the same day as Delaware, Iowa, and New...more