Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
As data protection regulations evolve and employee rights awareness grows, organisations are seeing a significant uptick in Data Subject Access Requests (DSARs). Pursuant to Article 15 of the UK and EU General Data Protection...more
On April 16, data privacy law regulators in seven states announced the creation of the Consortium of Privacy Regulators, a bipartisan group of state regulators seeking to “share expertise and resources, as well as coordinate...more
The European Data Protection Board's (EDPB) Opinion 28/2024 provides valuable insights into the intersection of artificial intelligence and data protection, particularly in the context of compliance with the EU General Data...more
On February 20, 2025, the Polish Personal Data Protection Office (UODO) published an updated version of the guide on personal data protection breaches. The first edition was released in 2018. The latest version...more
With data becoming one of the most valuable assets, protecting it is not just a legal obligation but a business imperative....more
Know What Laws Apply - Privacy and security laws, particularly in the U.S., have changed dramatically in the last few years. It’s not surprising many leaders are unsure which new laws or updated regulations apply to their...more
The rise of AI agents—autonomous decision-making systems—is set to revolutionize business operations by significantly expanding the role of AI beyond generative models like ChatGPT. Unlike traditional AI tools, agentic AI can...more
On January 31, 2025, the French supervisory authority (CNIL) published the final version of its guide on transfer impact assessments (TIA). A TIA must be undertaken by organisations relying on one of the ‘appropriate...more
Der Europäische Gerichtshof (EuGH) hat festgestellt, dass Kollektivvereinbarungen (wie bspw. Betriebsvereinbarungen) nur dann eine rechtliche Grundlage für die Verarbeitung von Beschäftigtendaten darstellen können, wenn sie...more
As 2025 progresses, one thing is clear—GDPR enforcement is not slowing down. In fact, regulators across Europe are intensifying their scrutiny, handing out significant fines and even warning executives of potential personal...more
Data minimization is a legal and operational necessity in today’s privacy landscape. There are now legal and operational curbs to the pervasive practice of keeping everything forever. With the rise of global frameworks like...more
The European Data Protection Board (EDPB) has issued an opinion on certain data protection aspects related to processing personal data in AI models. The opinion came after the Irish supervisory authority raised questions to...more
The first binding obligations of the European Union’s landmark AI legislation, the EU AI Act (the Act), came into effect on February 2, 2025. Essentially, from this date, AI practices which present an unacceptable level of...more
Entering 2025, artificial intelligence (“AI”) has passed the hype stage and now drives transformation across industries by reshaping business operations, customer interactions, and regulatory environments. Understanding the...more
It is hard to believe that another year is upon us! As we have done in years past (including 2023, 2022, 2021, 2020, 2019 and 2018), we have created a comprehensive resource of all our www.eyeonprivacy.com posts from 2024. As...more
Ask a compliance officer to name their top worry about artificial intelligence, and odds are they will blurt out something to do with privacy. That doesn’t just tell us what the risks of AI are – it also gives us hints about...more
Advancements in artificial intelligence and digitalization are changing the world of work at a rapid pace. In particular, when AI systems are used as workforce management tools, employers can automate a large number of tasks...more
The EU Artificial Intelligence Act (“AI Act”) exemplifies a highly advanced risk-based approach to European regulation. One of its distinguishing features is the detailed classification of various risk levels associated with...more
What should privacy and cybersecurity practitioners and specialists consider after the 2025 inauguration? There are a few notable issues that may shape how businesses think about their privacy and cybersecurity programs: ...more
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more
On 27 June 2024, the Spanish supervisory authority (‘AEPD’) and the European Data Protection Supervisor (‘EDPS’), announced the joint publication of a report addressing the data protection challenges associated with neuro...more
Germany evaluates AI-specific legislation needs and actively engages in international initiatives. Laws/Regulations directly regulating AI (the “AI Regulations”) Currently, with the exception of minor references to AI...more
In a groundbreaking move, the European Union has launched its bid to set the new comprehensive standard for the regulation of artificial intelligence (AI) with the European Parliament passing the EU AI Act on March 13, 2024....more