Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
For community associations, this is especially important as these organizations often manage large amounts of PII of homeowners and residents (e.g., name, address, phone number, etc.), including certain categories of...more
In our annual Cyber Looking Ahead Guide, we share key insurance market themes that emerged in 2024 and offer our predictions for 2025. Here are the trends we examine in the Guide: We also explore some pressing topics we...more
23andMe agreed to pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information...more
On February 26, 2024, the National Institute of Standards and Technology (NIST) released the NIST Cybersecurity Framework 2.0 (CSF 2.0). CSF 2.0 represents the first major update to the Cybersecurity Framework, which was...more
In our June Privacy & Cybersecurity Update, we review new data privacy laws in Colorado, Connecticut, Florida and Montana; Verizon’s annual Data Breach Investigations Report; AM Best’s report on cyber insurance trends; and...more
Washington state recently passed the My Health My Data Act (the Act), which will almost certainly lead to an explosion of consumer lawsuits and follow-on insurance coverage disputes. The measure is intended to protect...more
In this month’s Privacy & Cybersecurity Update, we review new consumer privacy laws in Tennessee and Indiana, three GDPR rulings by the Court of Justice of the European Union, updates regarding future California Privacy...more
In this month’s Privacy & Cybersecurity Update, we examine the European Commission’s draft adequacy decision on the EU-U.S. Data Privacy Framework, as well as guidance from the U.K. Information Commissioner’s Office on...more
As many businesses prepare to renew their insurance policies, considerations of consumer privacy rights ought to be top of mind. The Colorado Privacy Act - Scope - Foley Hoag has previously written about the Colorado...more
In 2023, five new state privacy laws will become effective. How will these new laws affect your business? Currently, privacy laws in the United States include a patchwork of state laws as well as some industry- or...more
Despite the great strides companies have made to mitigate the risks associated with security breaches, including putting insurance in place to cover those risks, cyber criminals have remained two steps ahead, finding new and...more
Cyberattacks are exploding. The coronavirus pandemic has further exposed cyber vulnerabilities due to remote work and the increasing use of underprotected devices. Ransomware attacks are increasingly becoming the cyberattack...more
Cannabis businesses have cyber security and privacy risks. While the risks are varied, many arise from the businesses’ holding of highly sensitive consumer information or confidential data about business partners. Cannabis...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the California attorney general's final regulations for the California Consumer Privacy Act and a ruling by the Indiana Court of Appeals involving...more
Cannabis businesses that are collecting consumer data need to be in compliance with California’s privacy laws, including the California Consumer Privacy Act (CCPA). Join our discussion as we cover: - Patterns that have...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the Seventh Circuit's ruling finding standing for an Illinois Biometric Information Privacy Act claim, the European Data Protection Board's updated...more
Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more
Cybersecurity and Privacy - Despite cries from corporations and privacy advocates across America for a unified federal privacy law, the nation’s toughest privacy law—the California Consumer Privacy Act (CCPA)—went into...more
In this month's edition, we examine the California attorney general's proposed modified regulations under the CCPA, the Treasury Department's new CFIUS regulations, and the SEC Office of Compliance Inspections and...more
Now that the CCPA is in effect, some companies will need to revise their policies. The cyber insurance markets are beginning to adapt to the new California Consumer Privacy Act (CCPA) which went into effect on January 1. ...more
Whether in connection with their marketing programs or other data-driven initiatives, nonprofit organizations are becoming more reliant on the data of their customers. Those that are collecting consumer data need to be aware...more
With the expansion of privacy legislation—from the General Data Protection Regulation (GDPR) in Europe to the coming California Consumer Privacy Act (CCPA) in the United States—cyber liability insurance is taking on increased...more
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
Be prepared—new statutory claims may not be covered under existing policies. In June 2018, California enacted the toughest data privacy law in the United States. Companies doing business in California may have to make...more
In this month's edition of our Privacy & Cybersecurity Update, we examine California's new sweeping privacy law, two U.S. agencies' report on "botnet" threats and the European Parliament's call to suspend the Privacy Shield....more