How Startups Can Comply With Ever-Changing Privacy Laws
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Fashion Counsel: Privacy in the Retail Fashion Industry
Healthcare Privacy Walkthroughs
CF on Cyber: An Update on the Florida Security of Communications Act (FSCA)
NGE On Demand: Privacy Considerations for Remote Work Productivity Monitoring with David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
Education Data Privacy and Security Laws: Best Practices for School Districts
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
BakerHostetler Partner Alan Friel Talks Big Data and Data Collection
IP|Trend: It’s Time to Get to Know the Federal Trade Commission
IP|Trend: Keeping Your Start-Up Compliant
Yul Kwon, Head of @Facebook's Privacy Program & CBS 'Survivor' Winner, Opens Up On @HsuUntied
An Overview of the 2014 Class Action Survey
If your company uses a third-party tool to power your website chat function or AI-assisted customer service, the 9th Circuit Court of Appeals just delivered a ruling you should know about. On July 9, the court affirmed...more
This monthly report outlines key developments in China’s data protection sector for July. The following events merit special attention: CAC Issues Third Edition of the Data Export Security Assessment Application Guide: On...more
New Jersey officials recently released proposed privacy regulations that would create several new compliance obligations for businesses above and beyond what existing state law and many other state laws require, meaning you...more
Thora Johnson shares simple guidance on: Data management for privacy compliance Ensuring data security through storage and retention practices...more
Recent enforcement activities in California and Connecticut highlight that states are ready and willing to actively enforce their comprehensive privacy laws. These recent actions – which continue the trend of states ramping...more
While website privacy notices are now commonplace – and consumers might only skim them – a recent settlement highlights the importance of staying vigilant about complying with applicable consumer privacy laws. The Connecticut...more
In its first fine for violations of the Connecticut Data Privacy Act (“CDPA”), the state's omnibus data privacy law, the Connecticut Attorney General (“CT AG”) chose to make an example of deficient privacy notices....more
California Attorney General Rob Bonta has settled claims against Healthline Media (Healthline) for violations of the California Privacy Protection Act (CCPA) related to the company's sharing of personal information and...more
A California bill aimed at curbing the explosion of lawsuits filed against businesses using common website tools like cookies, pixels, and session replay software has stalled out in the 2025 legislative session, meaning your...more
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
Last month Restructuring Perspectives highlighted crucial issues at the intersection of privacy and distress presented by the Chapter 11 case of 23andMe. Specifically, “Data for Sale” discussed the recent appointment of a...more
Social media is used by both organizations and employees—as a marketing tool for business, for entertainment, or for interacting with friends and family....more
In the recent high-profile civil class action, Frasco v. Flo Health, a California federal court issued a significant ruling partially certifying a nationwide class and California subclass of individuals who used the Flo...more
For businesses subject to the California Consumer Privacy Act (CCPA), a compliance step often overlooked is the requirement to annually update the businesses online privacy policy. Under Cal. Civ. Code § 1798.130(a)(5),...more
Startups face many challenges in complying with ever-changing state and federal privacy laws. Procopio Partner and Privacy Officer Elaine Harwell walks startup founders and executives on how to navigate privacy laws and build...more
Montana’s privacy law has received a refresh and updates will go into effect October 1, 2025 – exactly one year since the law took effect. The law was modified with SB 297, and changes include coverage, approach with minors,...more
Keypoint: In this post: (1) Standing may depend on how specific plaintiffs’ complaint is; (2) the 2d Circuit adopts the 3rd and 9th Circuit’s narrower interpretation of PII under the VPPA; (3) Promises in privacy policies not...more
On June 3, 2025, the Connecticut legislature passed a bill amending the Connecticut Data Privacy Act (CTDPA). The amendment introduces a variety of changes, including a broadening of the CTDPA’s applicability, changed...more
Selling goods or services online can be a challenge, as there are various legal issues to consider. Here are my top 10 recommendations for protecting your rights when using the internet as a tool for sales or licenses: 1....more
A California federal court just certified a significant class action involving allegations that a health-tracking app improperly shared sensitive health information with third parties without user consent. The court’s May 22...more
On May 8, 2025, Montana Governor Greg Gianforte signed Senate Bill 297 (SB 297) into law, significantly revising the existing Montana Consumer Data Privacy Act (MCDPA). These amendments generally mirror requirements in...more
A recent series of articles by the International Association of Privacy Professionals discusses a trend in privacy litigation focused on breach of contract and breach of warranty claims. Practical Takeaways- • Courts are...more
Businesses need to remain vigilant regarding recent developments in consumer-based data privacy class actions. In recent weeks, the plaintiff class action bar has filed several lawsuits against The Trade Desk Inc. related to...more
Businesses just received some good news when a federal court dismissed a California Invasion of Privacy Act (CIPA) claim that aimed to expand the reach of the state’s wiretapping law to cover internet communications. The...more
In today’s digital landscape, privacy policies have evolved from obscure legal documents into essential corporate governance tools. As data privacy regulations expand globally, organizations face increasing compliance...more