Beyond the Bylaws: The Medical Staff Show - Need to Know: How to Manage Medical Staff Confidentiality and Privilege Protections
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Cross-border marketing of products or services by an overseas company (a body corporate incorporated outside of Bermuda) to customers in Bermuda could be construed as carrying on business in Bermuda and, if so, would be...more
Online retailers now face an increasingly complex matrix of state consumer-privacy statutes that impose prescriptive requirements on data collection, monetization, and cybersecurity practices. ...more
Businesses should expect to see “increased enforcement” from the California Privacy Protection Agency now that the agency has had four years to staff up and implement rules, the CPPA’s executive director said in an interview...more
In today's world, violations of individual privacy and secret disclosure are a serious problem. It may be eavesdropping, interception, recording, and the spreading of personal information without the consent of the other...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
Eight state regulators have established a coalition called the Consortium of Privacy Regulators to collaborate on the implementation and enforcement of their privacy laws. According to announcements from the California...more
The New York legislature passed its version of Washington’s My Health My Data Act (“WA MHMDA”) on January 22, 2025. Currently awaiting action by Governor Kathy Hochul, the New York Health Information Privacy Act (“NY HIPA”)...more
Dark Patterns come into focus as the California Privacy Protection Agency (CPPA) issues September 4 Enforcement Advisory. Recently, I attempted to cancel a digital subscription. While I expected the cancellation function...more
The Children’s Advertising Review Unit recently settled with KidGeni – a generative art platform intended for children- for allegedly violating both CARU’s guidelines and COPPA. According to CARU, which is a self-regulatory...more
Since 2011, I’ve attended the International Association of Privacy Professionals’ Global Privacy Summit in Washington, D.C. Each year one session gets everyone talking; this year the honor went to “Direct Insights from U.S....more
On April 1, 2024, the California Privacy Protection Agency (CPPA) issued its first enforcement advisory directing businesses to implement the data minimization principle when responding to consumer requests. The advisory was...more
Washington State and Nevada have now passed health data privacy laws that impose obligations relating to the collection, processing, and sharing of “consumer health data.” Both laws (collectively, State Health Data Privacy...more
In June, Texas became the tenth state with a comprehensive privacy law. The Texas Data Privacy and Security Act (“TDPSA”) contains familiar provisions from other state privacy laws regulating the collection, use, processing,...more
In the United States, the principle of data minimization is embedded firmly within the Federal Trade Commission (FTC) Act, through FTC enforcement activities, and in the host of state-level privacy laws and rules that have...more
The Florida Digital Bill of Rights (FDBR) was signed into law by Governor Ron DeSantis on June 6, 2023, making Florida the tenth state to enact a consumer data privacy law along with California, Virginia, Colorado,...more
Iowa has become the sixth state in the country to enact a comprehensive consumer privacy law, joining California, Virginia, Colorado, Connecticut, and Utah. The “Relating to Consumer Data Protection, Providing Civil...more
The California Attorney General (AG) made headlines in August by issuing a $1.2 million fine against online retailer Sephora to resolve allegations that the business violated the California Consumer Privacy Act (CCPA). This...more
On August 24, 2022, the California Attorney General (AG) announced a first-of-its-kind settlement with Sephora, Inc. (Sephora) over Sephora’s alleged violation of the California Consumer Privacy Act (CCPA). The settlement...more
California Attorney General Rob Bonta announced yesterday a settlement reached with beauty product retailer, Sephora, Inc. (Sephora), resolving allegations that Sephora violated various provisions of the California Consumer...more
Companies and consumers alike are under perpetual assault from bad actors as IoT, work from home, and cloud migration – all intended to improve productivity – have expanded the cyber attack surface. The continually evolving...more
On August 20, the People’s Republic of China became the latest global economic powerhouse to pass an omnibus privacy law. Titled the Personal Information Protection Law (“PIPL”), the law was adopted by the Standing Committee...more
On July 7, 2021, Colorado enacted a new privacy law, titled the Colorado Privacy Act (CPA). The CPA is the third state-level omnibus data privacy law, similar in scope to the California Consumer Privacy Act (CCPA) and the...more
Despite its antecedents in one of the most widely cited law review articles of all time from more than 130 years ago, modern United States privacy law is roughly twenty years old. Even though still in its relative infancy,...more
While still in its relative infancy, privacy law has quickly become a turbulent teenager, with constant change around the world. At a minimum, 2021 will require meaningful efforts to implement the changes of 2020, with a...more
Just a few months ago, compliance with the California Consumer Privacy Act (the CCPA) was at the top of many businesses’ priority lists for 2020. With the COVID-19 pandemic, many businesses put privacy compliance and the CCPA...more