We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
2022 DSIR Report Deeper Dive: Personal Data Deletion
Many U.S. states have recently added provisions regarding “minors” that greatly exceed what is required under the Children’s Online Privacy Protection Act (COPPA). In short, the new laws generally apply to people under 18,...more
The state legislatures remain extremely active on privacy legislation this year. One new state comprehensive privacy law took effect on July 1, one takes effect July 31, and a third will take effect on October 1....more
July 23, 2025 Mark D. Metrey On July 8, 2025, Connecticut Attorney General William Tong announced the state's first public enforcement action under the Connecticut Data Privacy Act (CTDPA) against TicketNetwork, Inc....more
Recent enforcement activities in California and Connecticut highlight that states are ready and willing to actively enforce their comprehensive privacy laws. These recent actions – which continue the trend of states ramping...more
On July 8, Connecticut Attorney General William Tong announced a settlement with TicketNetwork, Inc. for alleged violations of the Connecticut Data Privacy Act (CTDPA). The settlement is the first publicly announced...more
Now that we have passed the halfway mark in 2025, we are taking a look back at significant developments that have already occurred this year in the consumer data privacy landscape. Five more states’ comprehensive privacy laws...more
Connecticut continues to refine its data privacy act as it implements its first violation settlement. TicketNetwork, Inc., reached a settlement of $85,000 for deficiencies in its privacy notice to consumers. Despite receiving...more
Here are curated AG and federal regulatory news stories highlighting key areas in which state and federal regulators’ decisions are having an impact across the US: • AGs Renew Call for FDA Guidance on Toxic Heavy Metals in...more
Nebraska AG Mike Hilgers sued General Motors LLC and its subsidiary OnStar LLC (collectively, “GM”) over allegations that GM misled vehicle purchasers into enrolling in programs that collected and shared their driving data...more
20 Democratic AGs sued HHS and DHS for allegedly sharing personal health data with ICE. The complaint alleges that the Centers for Medicare & Medicaid Services—a division of HHS—transferred millions of individuals’ Medicaid...more
In Part One of this FAQ series, we break down Virginia's Senate Bill 754, Consumer Protection Act; prohibited practices, etc., reproductive or sexual health information (Act), which amends the Virginia Consumer Protection Act...more
A bipartisan coalition of 28 AGs have filed a lawsuit against 23andMe Holding Co. and 23andMe, Inc. (collectively “23andMe”) to protect human genetic data collected by the company from being sold without consumers’ consent as...more
States everywhere are considering whether and how to best regulate business use of artificial intelligence (“AI”). While the California Privacy Protection Agency (“CPPA”) recently struck all references to AI from its proposed...more
In this episode of the Regulatory Oversight podcast, Stephen Piepgrass welcomes David Navetta, Lauren Geiser, and Dan Waltz to discuss the $51.75 million nationwide class settlement involving Clearview AI and its broader...more
On April 29, Michigan Attorney General (AG) Dana Nessel filed a lawsuit against Roku, Inc. (Roku), the smart TV and device provider and streaming service, alleging that Roku collects and monetizes personal data from children...more
In case you missed it: Michigan’s Attorney General has filed a lawsuit against Roku, alleging that the company collects and shares children’s personal data and video viewership data in violation of COPPA and the VPPA,...more
On May 9, the Office of the Attorney General for Texas announced it reached a $1.375 billion settlement with a tech company for the violation of Texas data privacy laws. The lawsuit alleged unlawful tracking of users’ private...more
Texas AG Ken Paxton announced a settlement in principle with Google LLC to resolve allegations of data privacy and security violations. The settlement will resolve lawsuits filed by Texas against Google for allegedly...more
Businesses operating across the U.S. should pay close attention to the rapidly evolving consumer privacy landscape. To date, 20 states, including Oregon, have enacted comprehensive consumer privacy laws, with 14 already in...more
Oregon consumers submitted more than 100 privacy complaints to the state’s justice department within six months of the Oregon Consumer Privacy Act (OCPA) taking effect, and businesses subject to the new law need to take note....more
With attention on Democratic Attorneys General vowing to fill the void left by weakened federal regulators, and perhaps a more partisan divide on enforcement generally, a bipartisan consensus is quietly emerging in the states...more
Comprehensive state privacy laws often task a state regulator to promulgate accompanying regulations that clarify the law’s requirements and to enforce the law by providing further guidance through its enforcement actions....more
Arkansas AG Tim Griffin sued General Motors LLC and its subsidiary OnStar LLC (collectively, “GM”) over allegations that GM misled vehicle purchasers into enrolling in programs that collected and shared their driving data...more
On February 21, 2025, a federal district court judge from the Southern District of New York issued a preliminary injunction against the Department of Government Efficiency’s (DOGE), access to Treasury Department payment...more
Introduction - Most businesses are aware of historical restrictions or limitations on selling personal information to third parties for monetary consideration....more