Beyond the Bylaws: The Medical Staff Show - Need to Know: How to Manage Medical Staff Confidentiality and Privilege Protections
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
At the end of 2024 the Italian Data Protection Authority issued a 15 million euro fine in the first generative AI-related case brought under GDPR. According to Garante (the Italian authority), OpenAI trained ChatGPT with...more
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more
Dutch data privacy officials recently imposed a staggering penalty on Uber – €290 million ($324 million) – for allegedly breaching the European Union’s comprehensive data privacy and security law. This groundbreaking fine is...more
On 25 July 2024, the EU Commission published its second report on the application of the GDPR (the ‘Second Report’), following its first report published in 2020....more
Privacy regulators, including the EU data protection authorities (EU DPAs), are expected to increase their scrutiny of data scraping to train AI algorithms. Data scraping involves the collection of large amounts of publicly...more
As we noted in our 2023 DSIR, there has been a flurry of activity within the information governance space, at home and abroad. This activity deserves further analysis, because while it seems from a distance that there are...more
The French Data Protection Authority capped off 2022 by terminating an investigation into Lusha Systems, Inc.’s compliance with GDPR. CNIL concluded that the law did not apply to the US company’s activities...more
Greece’s privacy protection authority recently announced it was fining Intellexa, an Israeli cyber tech company, EUR 50,000. The Hellenic Data Protection Authority (HDPA) imposed the fine as part of an investigation it...more
The regulation of cookies and similar tracking technologies is rapidly evolving, not only in the European Union and United Kingdom but also in the United States and globally. If you have visited a website recently, you might...more
As companies brace for the impact of COVID-19, the last thing on everyone’s mind may be proactive privacy compliance obligations. Certainly, companies may be thinking about privacy obligations that relate specifically to...more
FBI Issues Updated Ransomware Guidance - A recent report from New Zealand-based cybersecurity firm Emsisoft has revealed the extent to which ransomware is being used in cyberattacks in the United States. The first 9 months...more
White & Case Technology Newsflash - The development of autonomous vehicles has attracted significant attention in recent years. The technologies being used in order to enable vehicles to navigate without human assistance...more
French Data Protection Authority Issues Guidelines on Cookie Use - CNIL, France’s data protection authority, has released new rulesfor obtaining consumer consent under the GDPR for companies using cookies and other tracking...more
On July 18, 2019, the French Data Protection Authority (CNIL) issued new guidance on the use of cookies and similar tracking technologies (collectively referred to as “cookies” below). The guidance clarifies the instances in...more
Data protection authorities in the UK and France have released updated guidance for website operators that use cookies on their websites. This new guidance may mandate changes to existing cookie banners and provides further...more
Why does this topic matter to organisations? Whereas the remedies and sanctions available to DPAs under the Directive were comparatively low (generally subject to a maximum of less than €1 million per infringement, with...more
One key aspect of the EU’s General Data Protection Regulation (GDPR) is its aim of streamlining the regulatory process by providing “one-stop shopping”: the opportunity to deal with a single regulator with respect to all data...more
Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR). On July 6, 2017, Germany did so by passing a statute titled the Data Protection...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
On December 15, 2015, European Union (“EU”) politicians and officials reached a political agreement on a new EU-wide legal framework to govern data sharing and collection and related consumer privacy rights. It is called the...more
The central European countries of Slovakia and Hungary are divided by a common 420-mile-long border. But that dividing line, and other European national borders, may now be a little more blurred due to a key ruling by the...more
After the decision of October 6, 2015, of the Court of Justice of the EU (CJEU) invalidating the decision from the EU Commission (Decision 2000/520) on the Safe Harbor, transfer of personal data to the U.S. based on Standard...more
Following the ECJ’s decision in the “Schrems” case which has invalidated the Safe Harbor framework multinational corporations may now face profound privacy law related compliance issues in a multitude of jurisdictions. In the...more
The European Court of Justice (ECJ) has struck down the 15-year-old “Safe Harbor” agreement that permitted companies operating in Europe to transmit personal user data to the United States, as long as the U.S. ensures an...more
On October 6th, the European Court of Justice (ECJ) issued its opinion in Schrems v. Data Protection Commissioner (C-362/14), a case which, among other things, challenged the validity of the European Commission’s 2000 finding...more