We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
How Startups Can Comply With Ever-Changing Privacy Laws
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Fashion Counsel: Privacy in the Retail Fashion Industry
Healthcare Privacy Walkthroughs
CF on Cyber: An Update on the Florida Security of Communications Act (FSCA)
NGE On Demand: Privacy Considerations for Remote Work Productivity Monitoring with David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
Education Data Privacy and Security Laws: Best Practices for School Districts
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
BakerHostetler Partner Alan Friel Talks Big Data and Data Collection
IP|Trend: It’s Time to Get to Know the Federal Trade Commission
IP|Trend: Keeping Your Start-Up Compliant
Yul Kwon, Head of @Facebook's Privacy Program & CBS 'Survivor' Winner, Opens Up On @HsuUntied
Regulators and courts are expanding enforcement against digital health apps and online platforms that share sensitive health data without true consent, though these companies fall outside the scope of the Health Insurance...more
Officials from California, Colorado, and Connecticut just announced a coordinated investigative sweep targeting companies whose websites may be ignoring automatic opt-out preference signals that users can configure in their...more
Michigan lawmakers are considering sweeping updates to the state’s identity theft protection law while also debating whether Michigan will become one of nearly half the states that have passed a consumer privacy law. Fisher...more
Data scraping is an automated process through which computer programs extract vast amounts of data from the internet at a faster rate than manual data collection methods....more
Most U.S. businesses are aware that they need to have a Privacy Policy available on their websites. Most businesses also are aware that the generic forms they may obtain from third-party website developers or through general...more
On July 30, 2025, a wine producer was sued in connection with a cyberattack that allegedly compromised the data of at least 26,000 customers. Among other things, the complaint alleges that the company failed to implement...more
Researchers at Arizona State University and Citizen Lab have discovered that three families of Android VPN applications, used by millions of people worldwide, are related and owned by companies or individuals located in...more
In today’s digital landscape, a website privacy policy is no longer just a legal formality—it’s a critical shield for your business and a trust-building tool for your customers. Here’s why every company should prioritize...more
A recent high-profile breach at a women-focused dating app underscores how quickly a privacy misstep can escalate into lawsuits and reputational harm. The incident offers a cautionary tale for any company handling sensitive...more
Amendment 13, which significantly updates privacy laws in Israel, has come into effect! If you still don’t know what to do to comply with the requirements, we’ve prepared a guide to help you address the main issues (not all...more
In this week’s Film Room, we: - flag risks associated with the football program general manager (GM) position - update you on a recent surge of data privacy lawsuits targeting the sports industry We also outline steps...more
It’s not just the summer temperatures that are rising; privacy enforcement is heating up across the nation, too. As states ramp up their monitoring and regulatory actions, businesses are finding themselves at the crossroads...more
Can we take any insights from Connecticut’s first settlement under the state’s Data Privacy Act, reached with TicketNetwork, an online ticket marketplace? The AG concerns mirrored priorities outlined in Connecticut’s 2025...more
On May 1, 2025, the California Privacy Protection Agency (CPPA) issued a Final Order in one of its first public enforcement actions under the California Consumer Privacy Act (CCPA), imposing a fine of nearly $350,000 on the...more
Although the California Invasion of Privacy Act (“CIPA”) lawsuit train shows no signs of slowing down, a California federal judge recently derailed a CIPA email tracking lawsuit when it dismissed claims mirroring those...more
California regulators unanimously approved a sweeping set of regulations on July 24 governing the use of automated decision-making technology (ADMT) and mandating risk assessments and cybersecurity audits for businesses...more
Over the past few months, securing approval for listing on The Campaign Registry (“TCR”) has become significantly more difficult. Why? Because virtual phone service providers (“service providers”) continue to update internal...more
If your company uses a third-party tool to power your website chat function or AI-assisted customer service, the 9th Circuit Court of Appeals just delivered a ruling you should know about. On July 9, the court affirmed...more
This monthly report outlines key developments in China’s data protection sector for July. The following events merit special attention: CAC Issues Third Edition of the Data Export Security Assessment Application Guide: On...more
New Jersey officials recently released proposed privacy regulations that would create several new compliance obligations for businesses above and beyond what existing state law and many other state laws require, meaning you...more
Thora Johnson shares simple guidance on: Data management for privacy compliance Ensuring data security through storage and retention practices...more
Recent enforcement activities in California and Connecticut highlight that states are ready and willing to actively enforce their comprehensive privacy laws. These recent actions – which continue the trend of states ramping...more
While website privacy notices are now commonplace – and consumers might only skim them – a recent settlement highlights the importance of staying vigilant about complying with applicable consumer privacy laws. The Connecticut...more
In its first fine for violations of the Connecticut Data Privacy Act (“CDPA”), the state's omnibus data privacy law, the Connecticut Attorney General (“CT AG”) chose to make an example of deficient privacy notices....more
California Attorney General Rob Bonta has settled claims against Healthline Media (Healthline) for violations of the California Privacy Protection Act (CCPA) related to the company's sharing of personal information and...more