Beyond the Bylaws: The Medical Staff Show - Need to Know: How to Manage Medical Staff Confidentiality and Privilege Protections
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more
On April 23 and 24, 2025, regulators, industry leaders and data privacy leaders from across the globe convened in Washington, D.C. for the 2025 International Association of Privacy Professionals (IAPP) Global Privacy Summit....more
Automated decision-making, or ADM, is used for a wide range of use cases that impact individuals — from processing insurance claims and credit scoring, to ranking job candidates and offering personalized pricing or targeted...more
On January 29, 2025, the General Court of the European Union delivered a significant judgment concerning the powers and competences of the European Data Protection Board ("EDPB"). The case involved the Data Protection...more
President Trump recently fired the three democrats on the Privacy and Civil Liberties Oversight Board (PCLOB). Since these firings bring the Board to a sub-quorum level, they have the potential to significantly disrupt...more
2024 was another year of substantial legislative and regulatory advances at the international, federal, and state levels with regard to data protection law. Artificial intelligence (AI) regulation continued to hurdle forward...more
On January 8, 2025, the second highest court of the European Union (EU), the General Court of the Court of Justice of the EU (the Court), ordered (in Bindl v European Commission, Case T-354/22) the European Commission (EC) to...more
The act of predicting what will become the dominating storyline of data privacy and cybersecurity in 2025 is a hazardous enterprise, as one is almost surely to get something wrong. Without fail, every year, regulators and the...more
Advancements in artificial intelligence and digitalization are changing the world of work at a rapid pace. In particular, when AI systems are used as workforce management tools, employers can automate a large number of tasks...more
U.S. privacy law continued to expand in 2024, both geographically and substantively. We now have 19 states with comprehensive consumer privacy laws (some of which are already in effect, while others become effective in...more
In Nuctech Warsaw (T-284/24), the EU Court of Justice held that EU subsidiaries can lawfully be required to provide access to email accounts and data held by their overseas parent company. The ruling involved the following...more
In Part I, we discussed the European Commission’s (“Commission”) disapproval of Meta’s “pay or consent” subscription model. In Part II, we delve into the European Commission’s findings, prior findings by the European Data...more
In May of this year, the UK Government passed the Digital Markets, Competition and Consumers Act (DMCC) into law. The DMCC is wide-ranging and covers three key areas: consumer law, digital markets, and merger and antitrust...more
On 1 July 2024, the European Commission (the ‘Commission’) announced its preliminary findings in an investigation of a leading social media platform, concluding that its ‘pay or consent’ advertising model implemented in the...more
The European Union seized the early global lead in regulating artificial intelligence (AI) by passing its AI Act on March 13, 2024, following a lengthy legislative process. Meanwhile, across the Atlantic, the U.S. Congress...more
In a groundbreaking move, the European Union has launched its bid to set the new comprehensive standard for the regulation of artificial intelligence (AI) with the European Parliament passing the EU AI Act on March 13, 2024....more
A recent EU court decision demonstrates a subtle difference between EU and US privacy laws, and may ultimately influence how US laws are interpreted. The decision of the EU General Court emanated from a court proceeding in...more
When I reflect on the relationship that our firm has with our clients, I’m most proud of the fact that you can always count on us. That often means defending complex litigation, steering you through regulatory threats,...more
Why should I read this? A new UK-US data bridge will be available to businesses in the UK looking to transfer personal data to organizations in the United States certified under the UK Extension to the EU-US Data Privacy...more
On July 4, 2023, the Court of Justice of the European Union (CJEU) issued a ruling in the case involving Meta Platforms Inc., Meta Platforms Ireland, and Facebook Deutschland (Meta). The judgement explores the intersection of...more
On March 16, 2023, the French Data Protection Agency (the “CNIL”) imposed a fine of € 25,000 on the company CITYSCOOT in connection with a finding that CITYSCOOT failed to comply with the obligation to ensure data...more
On March 31, 2023, Italy’s privacy regulator (the “Garante”), announced an immediate temporary limitation on the processing of data of individuals residing in Italy by OpenAI’s ChatGPT, the popular artificial intelligence...more
2022 was yet another eventful year in terms of GDPR compliance. The continued evolution of the enforcement landscape, with increasing number of sanctions and individuals exercising their rights required time and attention...more
When it comes to website privacy compliance, cookies have consistently presented the most fraught issues for U.S. businesses. This is especially true for those businesses that find themselves in a sometimes new or often...more
Meta Ireland (Meta) has recently been issued with two fines by the Irish Data Protection Commission (DPC) for breaches of the EU General Data Protection Regulation (GDPR) relating to advertisements run on its Facebook and...more