Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
Switzerland's National AI Strategy sets out guidelines for the use of AI, and aims to finalize an AI regulatory proposal in 2025. Laws/Regulations directly regulating AI (the “AI Regulations”) There are no specific laws,...more
Connecticut has made changes to its privacy law, including lower thresholds, exemptions updates, new categories of sensitive data, expanded consumer rights, and more....more
Online retailers now face an increasingly complex matrix of state consumer-privacy statutes that impose prescriptive requirements on data collection, monetization, and cybersecurity practices. ...more
The launch of the Global Cross Border Privacy Rules (CBPR) and Privacy Rules for Processors (PRP) systems on June 2, 2025 offers a framework to manage increasingly difficult standards for global data privacy governance....more
The rapid development of data protection laws across the Asia-Pacific region indicates significant movement toward certain standards, albeit with notable local policy variations across multiple areas. Our Asia-Pacific Data,...more
The Measures outline requirements and procedures for self-initiated and regulator-mandated compliance audits from May 1, 2025....more
The 1:10:100 rule—coined in 1992 by George Labovitz and Yu Sang Chang, the rule describes how much bad data costs. Preventing the creation of bad data at its source costs $1. Remediating bad data costs $10. Doing nothing...more
Welcome to our fourth issue of 2025 of Decoded - our technology law insights e-newsletter. We hope you enjoy this issue and thank you for reading. Sector by Sector: How Data Breaches are Wrecking Bottom Lines - “Data...more
Several state attorneys general (AGs) and the Federal Trade Commission (FTC) have begun scrutinizing ancestry tracking company 23andMe following its recent announcement that it has filed for Chapter 11 bankruptcy. As part of...more
In March 2023, Elon Musk and Steve Wozniak, along with other technology experts, signed an open letter asking that training powerful AI models be stopped until stronger AI governance laws could be developed. Two months later,...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
On February 14, 2025, New York’s Governor Hochul signed into law A.B. 920, which amended the state’s Information Security Breach and Notification Act to add personal health information to the types of data that constitute...more
Generative AI is incredibly popular. So popular that many GenAI tools now have browser extensions that work across all open pages of the browsers upon which they are installed. They helpfully summarize pages, highlight...more
Welcome to this month’s issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security, & Data Protection practice....more
Following Malaysia’s introduction of data breach notification and data protection officer (“DPO”) appointment requirements in last year’s significant amendments to the Personal Data Protection Act (“PDPA”) (click here for our...more
Know What Laws Apply - Privacy and security laws, particularly in the U.S., have changed dramatically in the last few years. It’s not surprising many leaders are unsure which new laws or updated regulations apply to their...more
Publications & Advisories - January 31, 2025 – Kathleen Benway, Maki DePalo, Jennifer Everett, and Hyun Jai Oh published “Privacy, Cyber & Data Strategy Advisory | FTC Finalizes Amendments to COPPA Rule.”...more
The rise of AI agents—autonomous decision-making systems—is set to revolutionize business operations by significantly expanding the role of AI beyond generative models like ChatGPT. Unlike traditional AI tools, agentic AI can...more
The concept of Artificial Intelligence (AI) “hallucinating,” i.e. generating answers and sources that do not exist, is widely sweeping the popular lexicon. However, more troubling is when AI platforms do not hallucinate at...more
On January 16, 2025, the Federal Trade Commission (FTC) announced significant updates to the Children’s Online Privacy Protection Act (COPPA) Rule. For operators of websites or online services subject to this law, it is a...more
The Texas Attorney General has emerged as a significant regulatory enforcement authority for data privacy in the US. Traditionally, data privacy enforcement in the US has emanated from the Federal Trade Commission and other...more
On January 29, 2025, the General Court of the European Union delivered a significant judgment concerning the powers and competences of the European Data Protection Board ("EDPB"). The case involved the Data Protection...more
Looking forward to 2025, more U.S. states are in line to pass omnibus data protection laws, enforcement of U.S. state data protection laws is likely to increase, and “sensitive data” concepts will similarly grow and take...more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
As the integration of technology in the workplace accelerates, so do the challenges related to privacy, cybersecurity, and the ethical use of artificial intelligence (AI). Human resource professionals and in-house counsel...more