Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
Are you using artificial intelligence in your business operations? Do you have AI embedded in the goods and services you offer customers? The regulatory framework applicable to AI continues to develop, including across US...more
On April 22, FTC Commissioner Melissa Holyoak delivered the opening keynote at the IAPP Global Summit, where she emphasized the importance of vigorously enforcing privacy laws while warning against stretching the FTC’s...more
The Cyberspace Administration of China (CAC) released an important Q&A on cross-border data transfer requirements and policies in early April, providing clarification on a number of issues of concern to companies in China....more
On April 8, the National Security Division of the U.S. Department of Justice’s (DOJ) new rule on cross-border data transfers takes effect. It restricts U.S. businesses from transferring certain bulk sensitive personal data to...more
U.S. companies and organizations have entered a new era of sweeping restrictions on cross-border data transfers. The Department of Justice's (DOJ) Final Rule, "Preventing Access to U.S. Sensitive Personal Data and...more
Data privacy laws are evolving rapidly worldwide, with jurisdictions such as California, Japan, Canada, and Brazil adopting frameworks inspired by the EU’s General Data Protection Regulation (GDPR). Businesses operating...more
In our latest blog post, we shared a few considerations for compliance in the context of complex outsourcing contracts. Continuing on this theme, we take a look into the matter of data protection compliance....more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
It is hard to believe that another year is upon us! As we have done in years past (including 2023, 2022, 2021, 2020, 2019 and 2018), we have created a comprehensive resource of all our www.eyeonprivacy.com posts from 2024. As...more
On January 8, 2025, the Department of Justice (DOJ) published in the Federal Register a Final Rule, "Preventing Access to U.S. Sensitive Personal Data and Government Related Data by Countries of Concern or Covered Persons,"...more
On January 8, 2025, the Department of Justice (“DOJ”) published its Final Rule to implement President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States...more
Four years after the Brazilian General Data Protection Law (LGPD) came into force, Brazil’s Superior Court of Justice (STJ) recently issued a list of precedents exploring how the court applied the law and addressed the...more
Dutch data privacy officials recently imposed a staggering penalty on Uber – €290 million ($324 million) – for allegedly breaching the European Union’s comprehensive data privacy and security law. This groundbreaking fine is...more
Las compañías que hacen negocios en México deben revisar las políticas y prácticas pertinentes para asegurarse de que se alinean al marco integral de privacidad de datos del país. Específicamente, querrá evaluar sus avisos de...more
Companies doing business in Mexico should review relevant policies and practices to ensure they align with the country’s comprehensive data privacy framework. Specifically, you’ll want to assess your privacy notices, data...more
On August 7, 2024, after three years of negotiation, the United Nation’s Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal...more
The Israeli Privacy Protection Authority (“PPA”) recently published a draft opinion, which is open for public comments, addressing transfers of personal data from Israel to other countries. In this opinion, the PPA seeks to...more
In this episode of The Privacy Insider Podcast, host Arlo Gilbert is joined by Rachael Ormiston, Head of Privacy at Osano, to dive into the complex world of U.S. privacy regulations. How does the U.S. view privacy differently...more
Introduction - Below is a brief outline of the legal regulation of personal protection in Ukraine. Governing Data Protection Legislation - 2.1. Overview of principal legislation - The main legal act governing...more
Introduction - The legal regime in India relating to data protection and privacy has undergone a significant re-haul and revamp. The Digital Data Protection Act, 2023 (“DPDPA”) received the President’s assent and was...more
On March 22, 2024, nearly six months after the release of the “draft Provisions on Regulating and Promoting Cross-border Data Transfer” (the “Draft Rules”), the Cybersecurity Administration of China (the “CAC”) formally...more
China has passed provisions which relax the current cross-border data transfer mechanisms. This comes as welcome news to the international business community, especially those with the need to export data from China in the...more
During 2023, privacy protection and artificial intelligence regulation continued apace and their implications continued to be a major focus in Israel and around the world. In Israel, this was reflected in a number of...more
In September 2022, the Cyberspace Administration of China (the “CAC”) officially enacted the Measures on Security Assessment for the Cross-border Transfer of Data (the “Measures”). Under the Measures, an entity (the “data...more
Companies that collect or process personal data in Brazil — or from consumers in the country — should be familiar with the Brazilian General Data Protection Law, which has been the country’s main legislation on the matter...more