Beyond the Bylaws: The Medical Staff Show - Need to Know: How to Manage Medical Staff Confidentiality and Privilege Protections
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more
On 19 June 2025 the Data (Use and Access) Act (the "DUA Act") received Royal Assent and became law in the UK, having been passed by the UK Parliament on 11 June 2025....more
On April 28 2025, the Court of Justice of the European Union (CJEU) published an updated version of the fact sheet (the Fact Sheet) summarising key case law on protection of personal data. The Fact Sheet covers the case law...more
Malaysia’s newly released Cross Border Personal Data Transfer Guidelines mark a groundbreaking shift in its data protection regulatory landscape, requiring data controllers to conduct Transfer Impact Assessments and implement...more
On April 1st, 2025, the General Court of the European Union held its first hearing on the request initiated by member of French parliament Philippe Latombe for annulment of the EU-U.S. Data Privacy Framework (“DPF”) further...more
Chile has amended its data privacy law granting significant rights to data subjects, and imposing stricter obligations on data controllers and processors. Published in the Official Gazette (Diario Oficial) on December 13,...more
Data privacy laws are evolving rapidly worldwide, with jurisdictions such as California, Japan, Canada, and Brazil adopting frameworks inspired by the EU’s General Data Protection Regulation (GDPR). Businesses operating...more
On January 31, 2025, the French supervisory authority (CNIL) published the final version of its guide on transfer impact assessments (TIA). A TIA must be undertaken by organisations relying on one of the ‘appropriate...more
As 2025 progresses, one thing is clear—GDPR enforcement is not slowing down. In fact, regulators across Europe are intensifying their scrutiny, handing out significant fines and even warning executives of potential personal...more
Following a German case brought against the EU Commission, the EU General Court found that the Commission had made an improper transfer of personal information to the US. The plaintiff, a German citizen, alleged (among other...more
President Trump recently fired the three democrats on the Privacy and Civil Liberties Oversight Board (PCLOB). Since these firings bring the Board to a sub-quorum level, they have the potential to significantly disrupt...more
In the fast-paced, ever-changing world of data, privacy, cyber, and AI, staying ahead of the curve is crucial. To mark Data Protection Day 2025, we've identified ten key themes that might significantly impact our clients in...more
It is hard to believe that another year is upon us! As we have done in years past (including 2023, 2022, 2021, 2020, 2019 and 2018), we have created a comprehensive resource of all our www.eyeonprivacy.com posts from 2024. As...more
As of January 1, 2025, the Israeli Privacy Protection Regulations (Instructions for data being transferred to Israel from the European Economic Area) will also apply to data being stored or processed in Israel or in other...more
In the six years since the EU’s General Data Protection Regulation (“GDPR”) took effect, governments around the world have updated their data protection laws to reflect the seismic changes in data processing that were created...more
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more
Dutch data privacy officials recently imposed a staggering penalty on Uber – €290 million ($324 million) – for allegedly breaching the European Union’s comprehensive data privacy and security law. This groundbreaking fine is...more
In this episode of The Privacy Insider Podcast, host Arlo Gilbert is joined by Rachael Ormiston, Head of Privacy at Osano, to dive into the complex world of U.S. privacy regulations. How does the U.S. view privacy differently...more
As more and more states enact laws that mirror aspects of GDPR, and as companies begin to get used to the EU’s new standard contractual clauses, now may be a good opportunity for a refresh on data sharing agreements. As most...more
During 2023, privacy protection and artificial intelligence regulation continued apace and their implications continued to be a major focus in Israel and around the world. In Israel, this was reflected in a number of...more
Changes to India data privacy laws have been a long time coming. A 2017 Supreme Court decision sparked legislative overhaul when concluding that privacy is a fundamental right. A bill was introduced soon thereafter leading to...more
Why should I read this? A new UK-US data bridge will be available to businesses in the UK looking to transfer personal data to organizations in the United States certified under the UK Extension to the EU-US Data Privacy...more
On September 21, 2023, the UK Secretary of State for Science, Innovation and Technology laid before Parliament regulations that will operate to significantly simplify the process for UK businesses to transfer personal data to...more
On July 10, 2023, the European Commission (EC) adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF, or “Privacy Framework”), which establishes the Privacy Framework as an authorized mechanism...more
2023 is shaping up to be a landmark year for data privacy, on both sides of the Atlantic. In the US, four new state laws go into effect – two on July 1 – while California is expanding its already robust requirements, and...more