Beyond the Bylaws: The Medical Staff Show - Need to Know: How to Manage Medical Staff Confidentiality and Privilege Protections
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more
The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more
As expected in the data privacy and digital space, 2024 shaped up to be a year full of guidance, consultations, regulatory focus areas and legislative updates. Artificial Intelligence (AI) remained a hot topic with...more
Countless hours are being spent categorizing cookies and other tracking technologies to work with consent management platforms, part of a purpose-built industry aiming to help companies deal with the increasingly complex and...more
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more
Article 5(3) of the EU ePrivacy Directive (ePD) requires consent for tracking cookies (unless exceptions apply). Although this rule is best known as the reason behind ‘cookie’ banners, it is technology neutral and applies to...more
The use of online tracking technologies for online behavioral advertising, analytics and related activities has come under increasing scrutiny by regulators in the U.S., Europe and elsewhere. The obligations under various...more
Welcome to the latest edition of Updata! Updata is an international report produced by Eversheds Sutherland’s dedicated Privacy and Cybersecurity team – it provides you with a compilation of key privacy and cybersecurity...more
When it comes to website privacy compliance, cookies have consistently presented the most fraught issues for U.S. businesses. This is especially true for those businesses that find themselves in a sometimes new or often...more
Please take note! 1.SchremsII and cross border transfers: Risk based, wherefore art thou? With the Google Analytics, Google Fonts, Amazon AWS, Google Workspace other cases, the SchremsII and DPA guidance is piling up....more
Many EU companies have their own ideas on what US Privacy laws mean for the, Here are three of the more common myths out there, busted. Myth 1: I don’t have physical presence in the US so the laws don’t apply to me....more
Last month, the European Center for Digital Rights (more commonly known as None of Your Business or “noyb”) launched a new campaign against the use of allegedly unlawful cookie banners by sending nearly 600 draft complaints...more
The regulation of cookies and similar tracking technologies is rapidly evolving, not only in the European Union and United Kingdom but also in the United States and globally. If you have visited a website recently, you might...more
According to the Council of the European Union, there are plans to move forward with replacing the Cookie Directive with the ePrivacy Regulation. Background on the ePrivacy Directive - While the General Data...more
CCPA / CPRA for US and EU businesses - Deep dive on CCPA's impact on European Businesses: A webinar for German and European businesses. Main Topics - Is my business affected by CCPA and why? - I am already GDPR...more
The Court of Justice of the EU ("CJEU") has declared that pre-ticked checkboxes cannot be used to gain valid consent from individuals, with respect to the dropping and reading of cookies. This decision further emphasises the...more
On October 1, 2019, the European Union Court of Justice notably ruled on the type of consent required by a consumer in order to store cookies on their device. The case involved a promotional online lottery organized by...more
Maybe. The GDPR does purport to allow data subjects to bring private rights of action. Likewise, certain implementations of the ePrivacy Directive, like the Privacy and Electronic Communications Regulations, allow for...more
French Data Protection Authority Issues Guidelines on Cookie Use - CNIL, France’s data protection authority, has released new rulesfor obtaining consumer consent under the GDPR for companies using cookies and other tracking...more
On July 18, 2019, the French Data Protection Authority (CNIL) issued new guidance on the use of cookies and similar tracking technologies (collectively referred to as “cookies” below). The guidance clarifies the instances in...more
Likely no. The placement of analytics or behavioural advertising cookies can only be accomplished when the basis for the placement of the cookies is the data subject’s consent. In order for consent to comply with the...more
Yes. European data privacy law distinguishes between session cookies that, for example, allow a website to function properly, and behavioural advertising cookies that are unnecessary for the functioning of the website. ...more
Data protection authorities in the UK and France have released updated guidance for website operators that use cookies on their websites. This new guidance may mandate changes to existing cookie banners and provides further...more
Federal US News - FTC Takes Action Against Companies Falsely Claiming Compliance With International Privacy Agreements - The FTC reached a settlement with a background screening company over allegations it falsely claimed...more
The guidance clarifies the interplay between the PECR and GDPR and provides practical steps to achieving cookie compliance. The UK’s data protection supervisory authority, the Information Commissioner’s Office (ICO),...more