Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
Reproductive health privacy is once again in the legal spotlight with a recent federal district court decision that struck down nearly all of a recent rule under the Health Insurance Portability and Accountability Act (HIPAA)...more
State attorneys general (AGs) are significantly ramping up their technical hiring to enforce a growing patchwork of state privacy laws—potentially creating an enforcement template for other tech enforcement areas like...more
In this Privacy, Cyber & AI Decoded alert, we cover Colorado’s Biometric Identifier Requirements, Delaware’s Data Protection Assessment Requirement, Minnesota’s new comprehensive privacy law going into effect, Tennessee’s...more
New York’s Child Data Protection Act (NYCDPA) has gone into effect, introducing sweeping new requirements for businesses that collect personal data from minors under 18. While New York has not yet joined the ranks of the...more
On June 23, the California attorney general released a letter it sent to U.S. Senate leaders urging the removal of a provision in the federal budget reconciliation bill, HR 1 — the “One Big Beautiful Bill Act” — that would...more
On June 22, 2025, Texas Governor Greg Abbott signed the Texas Responsible Artificial Intelligence Governance Act (TRAIGA or the Texas AI Act) into law. The new law goes into effect January 1, 2026. The law places obligations...more
Online retailers now face an increasingly complex matrix of state consumer-privacy statutes that impose prescriptive requirements on data collection, monetization, and cybersecurity practices. ...more
Businesses should expect to see “increased enforcement” from the California Privacy Protection Agency now that the agency has had four years to staff up and implement rules, the CPPA’s executive director said in an interview...more
Regulations matter, but until they’re enforced, they’re all just so many words (so, so many words) on paper. Businesses know that what really counts is whether, how, where, and when regulators enforce the law....more
When it comes to safeguarding health data, the Health Insurance Portability and Accountability Act (HIPAA) is paramount. HIPAA’s extensive reach encompasses nearly all healthcare providers and all health plans, affecting just...more
On May 8, Montana Governor Greg Gianforte signed into law Senate Bill 297 (SB 297), a bill that significantly revises the existing Montana Consumer Data Privacy Act (MCDPA). Although the MCDPA took effect on October 1, 2024,...more
On April 16, regulators from California, Colorado, Connecticut, Delaware, Indiana, New Jersey, and Oregon announced the creation of the Consortium of Privacy Regulators, a new collaborative effort focused on the...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
In a noteworthy step toward international privacy collaboration, the California Privacy Protection Agency (CPPA) has entered into a formal declaration of cooperation with the U.K. Information Commissioner's Office (ICO). This...more
The California Privacy Protection Agency announced this month that it, along with six other states, will be forming a new group called the “Consortium of Privacy Regulators.” (The other states are Colorado, Connecticut,...more
On April 16, attorneys general from seven states and a state agency announced that they were forming the Consortium of Privacy Regulators, a new effort to better protect consumers’ privacy. The Consortium consists of the...more
In today’s digital landscape, privacy policies have evolved from obscure legal documents into essential corporate governance tools. As data privacy regulations expand globally, organizations face increasing compliance...more
After years of proposed state privacy legislation, Massachusetts lawmakers are poised to once again consider enacting a comprehensive state consumer privacy law in the Commonwealth this legislative session. At a hearing of...more
Eight state regulators have established a coalition called the Consortium of Privacy Regulators to collaborate on the implementation and enforcement of their privacy laws. According to announcements from the California...more
As Oregon’s data privacy landscape continues to evolve, nonprofits must take note: the Oregon Consumer Privacy Act (OCPA) will apply to nonprofit organizations beginning on July 1, 2025. The grace period granted to nonprofits...more
This week in our March Privacy Forecast, we discuss privacy and data security enforcement trends at the state and federal levels. Particularly as state privacy laws continue to expand and evolve, companies should understand...more
On January 20, the US Department of Homeland Security (DHS) rescinded 2021 guidelines that previously designated hospitals, clinics, and other health care facilities as “protected areas” and limited immigration enforcement...more
The New York legislature passed its version of Washington’s My Health My Data Act (“WA MHMDA”) on January 22, 2025. Currently awaiting action by Governor Kathy Hochul, the New York Health Information Privacy Act (“NY HIPA”)...more
The New Jersey Data Protection Act (NJDPA), N.J. Stat. § 56:8-166.4 et seq., will go into effect on January 15, 2025, as New Jersey joins eighteen other states with comprehensive data privacy laws. ...more
The NJ Data Privacy Act takes effect tomorrow. The New Jersey Data Privacy Act is set to take effect tomorrow, January 15. The NJDPA was signed into law by Gov. Phil Murphy (D) on January 16, 2024. The NJDPA is similar to...more