Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
The California attorney general’s (AG) July 1, 2025, proposed settlement with Healthline Media LLC (Healthline) marks the third cookie-related California Consumer Privacy Act (CCPA) settlement in as many months (alongside the...more
In a record-setting enforcement action under the California Consumer Privacy Act (CCPA), the California Attorney General (AG) announced a $1.55 million settlement with Healthline Media, a popular online publisher of health...more
New Jersey recently released draft privacy regulations, and there is a lot to unpack and process. In this three-part series, I will break down the regulations - Part 1: The New Personal data: • Scraping is carved...more
As privacy enforcement ramps up, effectively managing opt-out requirements under state privacy laws is a top risk mitigation measure. But complying with opt-outs is not just a matter of providing a consumer-facing opt-out...more
A national leader in privacy law, California was among the first states to include an express right to privacy in its constitution, create a data breach notification law, and codify robust consumer data protections. ...more
On June 3, 2025, the California Senate passed Senate Bill 690 ("SB 690") in a unanimous 35-0 vote, advancing a measure that would significantly limit lawsuits under the California Invasion of Privacy Act ("CIPA") against...more
On June 3, 2025, the California Senate unanimously passed Senate Bill 690 (SB 690), a bill that seeks to add a “commercial business purposes” exception to the California Invasion of Privacy Act (CIPA)....more
California is a bellwether for privacy laws, which is why we’ve been watching carefully as recent events suggest that business-friendly interests may be gaining a foothold in what has historically been one of the most...more
New Jersey’s Office of Consumer Protection has prepared proposed rules for the New Jersey Data Privacy Act (NJDPA) (Proposed Rules). While the bulk of the Proposed Rules consist of recitations of the obligations found in the...more
A pair of recent enforcement actions by the California Privacy Protection Agency (CPPA) unveiled the agency’s latest enforcement priorities for business-to-consumer companies. In March 2025, the CPPA announced a settlement...more
On May 1, 2025, the California Privacy Protection Agency (CPPA) issued a final order against clothing retailer, Todd Snyder, for violations of the California Consumer Privacy Act (CCPA). The enforcement action targeted the...more
Regulations matter, but until they’re enforced, they’re all just so many words (so, so many words) on paper. Businesses know that what really counts is whether, how, where, and when regulators enforce the law....more
On April 21, 2025, the United States Court of Appeals for the Ninth Circuit, sitting en banc, issued a decision in Briskin v. Shopify, Inc. substantially broadening the exercise of personal jurisdiction over online businesses...more
Another month brings another California Privacy Protection Agency (CPPA) enforcement action, the agency's second enforcement action under the California Consumer Privacy Act (CCPA)....more
Keypoint: Last week, Oregon’s legislature passed a bill to amend the state’s consumer data privacy law, the Connecticut Senate passed two bills, and there were developments with bills in New Jersey, Nebraska, Texas,...more
For the second installment of this series on the new California Consumer Privacy Act (CCPA) Regs, we are looking at consumer request processes. One major eye opener: Tracker opt-outs must be immediate and you may not be...more
New California Consumer Privacy Act (CCPA) Regs are here, with comments open until June 2. There are a lot of issues to address, and a lot of work for companies to implement. We are talking about billions of dollars in...more
Keypoint: In its second non-data broker enforcement action for violations of the CCPA, the California Privacy Protection Agency entered into a stipulated final order with a retailer for a $345,178 administrative fine and...more
Wild, wild, west? Web tracking may be the new frontier in class action litigation. With thousands of lawsuits filed in California and increasingly in other states against organizations, including many who may not realize the...more
In Shah v. Capital One Financial Corporation, the Northern District of California handed down a ruling that may shape the trajectory of litigation involving tracking technologies, online privacy policies, and California’s...more
On April 16, data privacy law regulators in seven states announced the creation of the Consortium of Privacy Regulators, a bipartisan group of state regulators seeking to “share expertise and resources, as well as coordinate...more
IAPP’s Global Privacy Summit in DC this week has featured panels with several state regulators charged with enforcing their state’s privacy laws, including regulators from California, Colorado, Connecticut, and Oregon. The...more
In today’s digital landscape, privacy policies have evolved from obscure legal documents into essential corporate governance tools. As data privacy regulations expand globally, organizations face increasing compliance...more
Topics that we often discuss on this blog are the use of third-party tracking tools and the California Invasion of Privacy Act (“CIPA”). Less discussed of late, however, is the California Consumer Privacy Act (“CCPA”) which,...more
In two recent rulings, judges in the U.S. Northern District of California have allowed proposed class actions under the California Consumer Privacy Act (CCPA) to proceed without an allegation of a data breach, departing from...more