Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
The TAKE IT DOWN Act (the Act), enacted on May 19, 2025, is a powerful (and controversial) new tool designed to stop people from sharing “nonconsensual intimate imagery,” or NCII, online. The Act does two main things: it...more
On June 20, 2025, the New York Child Data Protection Act (CDPA) took effect, ushering in some of the most comprehensive child and teen privacy protections in the United States. The law applies to operators of websites, apps,...more
Join Morrison Foerster’s global Privacy + Data Security Group for our masterclass webinar, “Caught in the Web: Untangling Challenges to Teen Online Safety Laws." We will break down the evolving legal landscape around teen...more
On 15 April 2025, the Dutch Data Protection Authority (DPA) issued warnings to 50 organisations, including online retailers, media companies, and insurers, for deploying misleading cookie banners or unlawfully placing...more
Following a wave of “session replay” wiretapping lawsuits in the United States, France’s Commission Nationale de l’Informatique et des Libertés (CNIL) has launched a consultation on tools for recording and replaying browsing...more
AT A GLANCE - As the digital world becomes an integral part of children's lives, state legislatures are placing greater emphasis on regulating how companies handle children’s personal information. This Legal Update...more
It is hard to believe that we are starting the 25th year of the 21st century. The rapid evolution that technology, privacy and data security have undergone these last 25 years is mindbending. Yet, as we enter 2025, it still...more
On January 16, 2025, the Federal Trade Commission finalized changes to the Children's Online Privacy Protection Act (COPPA) Rule. ...more
For years, one of the world’s most popular online video games, Fortnite, profited from in-game purchases (or “microtransactions”) that, according to the Federal Trade Commission (“FTC”), were unlawful and deceptive. Although...more
Readers of this blog may recall a recent favorable decision handed down by Massachusetts State’s highest court in which it found that Massachusetts Wiretap Act claims (“MWA”) do not extend to consumer interactions with...more
The act of predicting what will become the dominating storyline of data privacy and cybersecurity in 2025 is a hazardous enterprise, as one is almost surely to get something wrong. Without fail, every year, regulators and the...more
AI is technology that enables computers to simulate human intelligence and problem-solving skills, whereas deepfake is synthetic media that has been digitally manipulated to replace and mimic one person’s likeness. AI has...more
The HHS Office for Civil Rights (OCR) has abandoned its appeal of a federal judge’s ruling overturning OCR’s guidance prohibiting covered entities (CEs) and business associates (BAs) from using the web-tracking technologies...more
Keypoint: California district courts continue to split over whether “knowledge” is required to plead liability under Section 631(a)’s fourth prong while two decisions show courts taking different approaches to VPPA claims at...more
Keypoint: Courts have started to issue Pixel-based wiretapping decisions, the Seventh Circuit weighs in on when a manufacturer can be forced to pay arbitration fees, and three courts showed different approaches to dismissing...more
New York Attorney General Letitia James recently released guidance for businesses and consumers about website tracking technologies. The consumer guide provided examples of common cookies, tracking technologies, and how...more
In its ongoing concern with “dark patterns,” the FTC recently announced results of two reviews of sites and apps purportedly engaging in the practice. As a reminder, the FTC views as “dark patterns” practices or web designs...more
Keypoint: Courts reject personal jurisdiction arguments and suggest the Shopify decision will be overturned; Courts continue to show differing approaches to VPPA claims at the pleading stage with a large VPPA class action...more
Pennsylvania-based Geisinger Health System said it experienced a breach impacting more than 1.27 million patients when a former employee of vendor Nuance Communications Inc., a Microsoft Corp. subsidiary, accessed patient...more
Keypoint: The Central District of California issued several wiretapping decisions in May while two decisions on the VPPA illustrate how claims fail or succeed at the pleading stage. Welcome to the fourteenth installment in...more
Are you responsible for privacy compliance at your company? Sharpen your pencils and grab your highlighters for this three-part series on critical privacy laws, DPOs and privacy officers (and when you should appoint one), and...more
Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more
Last year proved to be a big year in data protection with U.S. state data protection laws popping up across the country, the FTC updating its guidance and regulations on everything from data breaches and biometric...more