Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more
Don’t miss this complimentary webinar spotlighting the five most pressing regulatory developments reshaping compliance in Canada’s financial sector. From board-level liability, to shifting enforcement priorities, get up to...more
Switzerland's National AI Strategy sets out guidelines for the use of AI, and aims to finalize an AI regulatory proposal in 2025. Laws/Regulations directly regulating AI (the “AI Regulations”) There are no specific laws,...more
An increasingly aggressive plaintiffs’ bar has brought purported class action suits based on the nearly ubiquitous use of tracking technologies used for website analytics. Although any actual harm to the plaintiffs is...more
New York ‘s Child Data Protection Act, available here, took effect on June 20. This is a landmark piece of legislation designed to enhance the online privacy and safety of minors. As concerns over children’s digital...more
As data protection regulations evolve and employee rights awareness grows, organisations are seeing a significant uptick in Data Subject Access Requests (DSARs). Pursuant to Article 15 of the UK and EU General Data Protection...more
As questions of trust, surveillance, and data sovereignty become central to global trade, businesses face mounting pressure to prove not just compliance but true accountability. That’s why we turned to Constantine...more
Organizations must continuously review and refine their data governance strategies to keep pace with a regulatory environment that is shifting at an unprecedented rate. In response to mandates for stronger compliance...more
Health Policy Fireside Chat: What to Expect from the New Administration - Bill Mathias, Member at Bass, Berry & Sims, engaged in a fireside chat with Colin Roskey, Principal at FHP Strategies, former Deputy Assistant...more
To commemorate the six months since the Oregon Consumer Privacy Act (“OCPA”) became effective, Oregon Attorney General Dan Rayfield released earlier this month a Report summarizing complaints received from consumers about...more
This week in our March Privacy Forecast, we discuss a growing trend at both the federal and the state level – new laws and regulations that specifically target data brokers. At the federal level, two new legal frameworks...more
On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch)....more
The European Data Protection Board (EDPB) has launched its 2025 enforcement sweep targeting organizations’ compliance with data subjects’ right of erasure (right to delete or be forgotten), focusing particularly on how...more
Digital health care companies have navigated a wave of new developments at the Federal Trade Commission (FTC) over the past few years. With new leadership in the Trump Administration, the FTC may be poised to change some of...more
A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more
The California Privacy Protection Agency (CPPA) has reached a settlement with American Honda Motor Co., Inc. (Honda), as outlined in this Order of Decision. The Order is the CPPA’s first public enforcement action involving a...more
Chile has amended its data privacy law granting significant rights to data subjects, and imposing stricter obligations on data controllers and processors. Published in the Official Gazette (Diario Oficial) on December 13,...more
The California Privacy Protection Agency (CPPA) has issued its first Order of Decision to American Honda Motor Co. in an enforcement action under the California Consumer Privacy Act (CPPA). Although the investigation arose...more
With 13 comprehensive state privacy laws already in effect, the state privacy law landscape is complex. While there are several common threads throughout many of these frameworks that can allow companies to implement a...more
Generative AI is incredibly popular. So popular that many GenAI tools now have browser extensions that work across all open pages of the browsers upon which they are installed. They helpfully summarize pages, highlight...more
On March 12, 2025, the California Consumer Privacy Protection Agency (CPPA or Agency) announced a settlement with an auto manufacturer, marking the Agency’s first enforcement action under the California Consumer Privacy Act...more
A groundbreaking law in Utah is poised to shake up how minors access apps. Earlier this month, Utah’s state legislature passed S.B. 142 (App Store Accountability Act), which requires major app store providers to verify users’...more
On February 10, 2025, the first class action complaint was filed under Washington state’s My Health My Data Act (“MHMDA”), over a year after the law was passed. See Maxwell v. Amazon.com, Inc. et al., Case No. 2:25-cv-261...more
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more
The office of the Oregon Attorney General recently releases a six-month enforcement report regarding the Oregon’s Consumer Privacy Act (OCPA). What are we discussing with our clients?...more