Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
The Italian Data Protection Authority (Garante) has fined a company EUR 420,000 for violating privacy laws in the workplace. The decision focuses on the employer’s use of content from Facebook, WhatsApp, and Messenger— shared...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
As data protection regulations evolve and employee rights awareness grows, organisations are seeing a significant uptick in Data Subject Access Requests (DSARs). Pursuant to Article 15 of the UK and EU General Data Protection...more
As the digital economy continues to thrive and remote work becomes increasingly mainstream, an “offshore model” of business operation has emerged. Under this model, companies may provide services to users in a given...more
Data privacy regulations aren’t known for being light reading. That doesn’t make it easy for businesses to become compliant. When one law refers to data subjects, another to residents, another to consumers, and another...more
A recent and far-reaching decision by the Italian Data Protection Authority (Garante) has significantly altered the rules governing marketing privacy consent in Italy, introducing a potential obligation to adopt a double...more
On 19 June 2025 the Data (Use and Access) Act (the "DUA Act") received Royal Assent and became law in the UK, having been passed by the UK Parliament on 11 June 2025....more
On 17th June 2025, the Spanish Data Protection Authority (“AEPD”) published guidance in relation to Royal Decree 933/2021, which regulates document registration and information obligations relating to accommodation and motor...more
The Italian Data Protection Authority (the Garante) has issued its first GDPR fine for, among other breaches, unlawful retention of metadata from employees’ emails and web browsing activities. The decision applies, for the...more
In today’s data-driven sports industry, teams, leagues and sponsors increasingly rely on biometric and performance data to enhance player performance, prevent injuries and optimize contract negotiations. Such data collection...more
Organizations must continuously review and refine their data governance strategies to keep pace with a regulatory environment that is shifting at an unprecedented rate. In response to mandates for stronger compliance...more
On April 28 2025, the Court of Justice of the European Union (CJEU) published an updated version of the fact sheet (the Fact Sheet) summarising key case law on protection of personal data. The Fact Sheet covers the case law...more
Malaysia’s newly released Cross Border Personal Data Transfer Guidelines mark a groundbreaking shift in its data protection regulatory landscape, requiring data controllers to conduct Transfer Impact Assessments and implement...more
On April 23 and 24, 2025, regulators, industry leaders and data privacy leaders from across the globe convened in Washington, D.C. for the 2025 International Association of Privacy Professionals (IAPP) Global Privacy Summit....more
On April 16, data privacy law regulators in seven states announced the creation of the Consortium of Privacy Regulators, a bipartisan group of state regulators seeking to “share expertise and resources, as well as coordinate...more
On 15 April 2025, the Dutch Data Protection Authority (DPA) issued warnings to 50 organisations, including online retailers, media companies, and insurers, for deploying misleading cookie banners or unlawfully placing...more
On April 14 2025, the European Data Protection Board (EDPB) announced the outcomes of its plenary session that took place on April 8 2025, during which the EDPB adopted draft Guidelines on processing of personal data through...more
What happens when data protection collides with the relentless pace of digital innovation? That’s the question the European Data Protection Board (EDPB) seemed to confront head-on in 2024, a year marked by unprecedented...more
Businesses need to remain vigilant regarding recent developments in consumer-based data privacy class actions. In recent weeks, the plaintiff class action bar has filed several lawsuits against The Trade Desk Inc. related to...more
In today’s digital landscape, privacy policies have evolved from obscure legal documents into essential corporate governance tools. As data privacy regulations expand globally, organizations face increasing compliance...more
When browsing the internet, consumers are accustomed to being presented with advertisements for products for which they previously had searched. Through use of third-party tracking tools, companies are able to monitor visitor...more
On April 1st, 2025, the General Court of the European Union held its first hearing on the request initiated by member of French parliament Philippe Latombe for annulment of the EU-U.S. Data Privacy Framework (“DPF”) further...more
The French Data Protection Authority launches a public consultation on location data of connected vehicles, until May 20, 2025. This work will shape future regulations regarding the use of location data and its impact on...more
Automated decision-making, or ADM, is used for a wide range of use cases that impact individuals — from processing insurance claims and credit scoring, to ranking job candidates and offering personalized pricing or targeted...more
On March 7 2025, the European Parliamentary Research Service (EPRS) published a paper outlining the challenges to UK data adequacy and ongoing national legislative reforms that could affect the renewal of the two existing...more