The Road to Regulation: Vehicle Service Contracts Explained — Moving the Metal: The Auto Finance Podcast
Beyond the Bylaws: The Medical Staff Show - Need to Know: How to Manage Medical Staff Confidentiality and Privilege Protections
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
The annual review and update (if necessary) of privacy notices just got an upgrade to a “must do.” This provision, found in California Consumer Privacy Act from the beginning, requires companies to assess their data...more
As an attorney focused on technology transactions and counseling, I approach new technologies with both curiosity and caution. Like many lawyers, I tend to be skeptical until I fully understand how something works....more
With the continued absence of comprehensive federal privacy legislation after nearly 20 years of debate, state attorneys general (AGs) are increasingly asserting their role as primary regulators in the data privacy space....more
As the 2025 summer heat continues and as state privacy laws continue to mature, enforcement actions are beginning to shape the compliance landscape for businesses nationwide—from the coast of California to the shores of...more
Connecticut Attorney General William Tong recently announced the state’s first-ever enforcement settlement under the Connecticut Data Privacy Act (CTDPA) with TicketNetwork, Inc., an online ticket marketplace. The settlement...more
As federal privacy enforcement shows signs of slowing, states are aggressively stepping in to fill the void. On July 1, 2025, the California attorney general (AG) announced a $1.55 million settlement with Healthline Media,...more
In its first fine for violations of the Connecticut Data Privacy Act (“CDPA”), the state's omnibus data privacy law, the Connecticut Attorney General (“CT AG”) chose to make an example of deficient privacy notices....more
On July 8, Connecticut Attorney General William Tong announced a settlement with TicketNetwork, Inc. for alleged violations of the Connecticut Data Privacy Act (CTDPA). The settlement is the first publicly announced...more
Connecticut continues to refine its data privacy act as it implements its first violation settlement. TicketNetwork, Inc., reached a settlement of $85,000 for deficiencies in its privacy notice to consumers. Despite receiving...more
State attorneys general and regulatory agencies continue to enforce against violations of comprehensive state privacy laws, as demonstrated by recent enforcement actions by the California and Connecticut Attorneys General and...more
Connecticut Attorney General William Tong recently announced his office’s first enforcement action for violations of the Connecticut Data Privacy Act. “This law has now been in effect for two years,” Tong said in a...more
Utah AG Derek Brown and the Utah Division of Consumer Protection jointly sued Snap, Inc., the parent company of Snapchat, facilitating child sexual exploitation and sextortion through its design features and recommendation...more
Welcome to this month’s issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security, & Data Protection practice....more
The California attorney general’s (AG) July 1, 2025, proposed settlement with Healthline Media LLC (Healthline) marks the third cookie-related California Consumer Privacy Act (CCPA) settlement in as many months (alongside the...more
Readers of this blog are not strangers to Daniel’s Law lawsuits filed by Atlas Data Privacy Corporation (“Atlas”). While waiting for the Third Circuit Court of Appeals to decide whether Daniel’s Law is constitutional, a New...more
New York’s Child Data Protection Act (NYCDPA) has gone into effect, introducing sweeping new requirements for businesses that collect personal data from minors under 18. While New York has not yet joined the ranks of the...more
Nebraska AG Mike Hilgers sued PDD Holdings Inc. and WhaleCo Inc., d/b/a Temu, alleging that Temu’s shopping app operates as malware designed to gain unauthorized access to users’ data in violation of state consumer protection...more
We are in an era where smartphones track sleep patterns, fitness apps monitor heart rates, and online searches reveal sensitive medical inquiries. As a result, the notion of “health data” has expanded dramatically. This...more
Five new state privacy laws took effect in January 2025—Delaware (DPDPA), Iowa (ICDPA), Nebraska (NDPA), New Hampshire (NHPA), and New Jersey (NJDPA)—adding to the compliance maze for businesses operating across state lines....more
The Attorney Generals of California, Connecticut, Delaware, New Jersey, Oregon and Vermont wrote a letter June 23, 2025 to Senate Majority Leader John Thune and Senate Minority Leader Chuck Schumer, objecting to a proposed AI...more
On June 22, 2025, Texas Governor Greg Abbott signed the Texas Responsible Artificial Intelligence Governance Act (TRAIGA or the Texas AI Act) into law. The new law goes into effect January 1, 2026. The law places obligations...more
The intersection of privacy, cybersecurity, and AI is reshaping risk and regulation in fintech. In a recent episode of The Fintech and Blockchain Podcast, our team explored how fast-moving developments—from AI-powered...more
Nebraska’s governor signed a bill into law that, among other things, creates the Parental Rights in Social Media Act. The provisions of the law will go into effect July 1, 2026, unless challenged. The law is similar to...more
Businesses should expect to see “increased enforcement” from the California Privacy Protection Agency now that the agency has had four years to staff up and implement rules, the CPPA’s executive director said in an interview...more
The attorneys general in Arkansas and Indiana are the most recent AGs to file lawsuits under their respective state laws protecting the privacy of driver data. We previously reported that the state of Texas filed a similar...more