How Startups Can Comply With Ever-Changing Privacy Laws
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Fashion Counsel: Privacy in the Retail Fashion Industry
Healthcare Privacy Walkthroughs
CF on Cyber: An Update on the Florida Security of Communications Act (FSCA)
NGE On Demand: Privacy Considerations for Remote Work Productivity Monitoring with David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
Education Data Privacy and Security Laws: Best Practices for School Districts
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
BakerHostetler Partner Alan Friel Talks Big Data and Data Collection
IP|Trend: It’s Time to Get to Know the Federal Trade Commission
IP|Trend: Keeping Your Start-Up Compliant
Yul Kwon, Head of @Facebook's Privacy Program & CBS 'Survivor' Winner, Opens Up On @HsuUntied
An Overview of the 2014 Class Action Survey
New Jersey officials recently released proposed privacy regulations that would create several new compliance obligations for businesses above and beyond what existing state law and many other state laws require, meaning you...more
Recent enforcement activities in California and Connecticut highlight that states are ready and willing to actively enforce their comprehensive privacy laws. These recent actions – which continue the trend of states ramping...more
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
For businesses subject to the California Consumer Privacy Act (CCPA), a compliance step often overlooked is the requirement to annually update the businesses online privacy policy. Under Cal. Civ. Code § 1798.130(a)(5),...more
Keypoint: In this post: (1) Standing may depend on how specific plaintiffs’ complaint is; (2) the 2d Circuit adopts the 3rd and 9th Circuit’s narrower interpretation of PII under the VPPA; (3) Promises in privacy policies not...more
A California federal court just certified a significant class action involving allegations that a health-tracking app improperly shared sensitive health information with third parties without user consent. The court’s May 22...more
A recent series of articles by the International Association of Privacy Professionals discusses a trend in privacy litigation focused on breach of contract and breach of warranty claims. Practical Takeaways- • Courts are...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff – someone who visits websites for purposes of initiating litigation – cannot bring a claim under the California Invasion of Privacy...more
In late March, an online retailer successfully asserted consent as a complete defense to a putative Pennsylvania Wiretapping and Electronic Surveillance Control Act of 1978 (WESCA) class action lawsuit, resulting in the...more
Keypoint: In this post: (1) How a privacy policy can defeat a plaintiff’s “delayed discovery” argument; (2) Two CA state courts reject plaintiffs’ allegations concerning personal jurisdiction; (3) Three courts dismiss PR/TT...more
On February 10, 2025, the first class action complaint was filed pursuant to Washington’s MY Health MY Data Act (“MHMDA”), Wash. Rev. Code Ann. § 19.373.005 et seq. See Maxwell v. Amazon.com, Inc. et al., Case No. 2:25-cv-261...more
Tracking U.S. state consumer data privacy legislation. Our map tracks privacy legislation and provides links to resources and information related to active states. To review prior years' state privacy legislation, visit...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
As 2025 begins, businesses across the U.S. will be required to navigate an even more expanded landscape of state-level privacy regulations. In all, eight states are introducing comprehensive privacy laws, further adding to...more
The Colorado attorney general’s office just adopted significant updates to the Colorado Privacy Act (CPA) rules, which will soon introduce new obligations related to biometric data, employee biometrics, children’s privacy,...more
What Issues Did the California Privacy Protection Agency Raise? On July 16, 2024, the California Privacy Protection Agency (Agency) discussed proposed updates to the California Consumer Privacy Act (CCPA) regulations....more
The list of U.S. state-level data privacy laws will grow substantially this summer as three more comprehensive state laws become effective. Texas, Oregon and Florida each have a comprehensive data privacy law taking effect on...more
Keypoint: The Central District of California issues a major victory for website owners facing CIPA-arbitration demands, two decisions address whether a plaintiff consented as a defense to wiretapping claims, three courts in...more
A California appeals court just pressed fast-forward and ruled that the state can immediately begin enforcing new regulations governing the state’s cornerstone data privacy law instead of waiting until late next month. This...more
Texas became the latest state to pass comprehensive consumer data privacy and security legislation when Governor Abbot signed the Texas Data Privacy and Security Act into law on June 18. It will require businesses to take...more
Getting into compliance with the California Consumer Privacy Act (CCPA) can seem like an overwhelming task. After all, the law is comprised not only of a dense statute and detailed regulations, but the amendment effective...more
Iowa will soon be the sixth state in the nation with a comprehensive consumer privacy law – but the good news for employers is that it does not apply to data collected in the employment context and does not include a private...more
Recent and Upcoming Rules Announcements Mark Turning Point for Businesses Now Obligated to "Minimize" Data Use - The California Privacy Protection Agency approved its first round of “final” implementing regulations under...more
Recent findings by the Office of the Privacy Commissioner of Canada (“OPC”) found that Home Depot of Canada Inc. (“Home Depot”) did not obtain valid meaningful consent to share summary purchase information with Meta Platforms...more
The California Attorney General just announced an investigative sweep of mobile apps that allegedly fail to meet the requirements of state data privacy law, meaning businesses that conduct business through apps need to...more