How Startups Can Comply With Ever-Changing Privacy Laws
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Fashion Counsel: Privacy in the Retail Fashion Industry
Healthcare Privacy Walkthroughs
CF on Cyber: An Update on the Florida Security of Communications Act (FSCA)
NGE On Demand: Privacy Considerations for Remote Work Productivity Monitoring with David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
Education Data Privacy and Security Laws: Best Practices for School Districts
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
BakerHostetler Partner Alan Friel Talks Big Data and Data Collection
IP|Trend: It’s Time to Get to Know the Federal Trade Commission
IP|Trend: Keeping Your Start-Up Compliant
Yul Kwon, Head of @Facebook's Privacy Program & CBS 'Survivor' Winner, Opens Up On @HsuUntied
An Overview of the 2014 Class Action Survey
This monthly report outlines key developments in China’s data protection sector for July. The following events merit special attention: CAC Issues Third Edition of the Data Export Security Assessment Application Guide: On...more
Recent enforcement activities in California and Connecticut highlight that states are ready and willing to actively enforce their comprehensive privacy laws. These recent actions – which continue the trend of states ramping...more
In its first fine for violations of the Connecticut Data Privacy Act (“CDPA”), the state's omnibus data privacy law, the Connecticut Attorney General (“CT AG”) chose to make an example of deficient privacy notices....more
California Attorney General Rob Bonta has settled claims against Healthline Media (Healthline) for violations of the California Privacy Protection Act (CCPA) related to the company's sharing of personal information and...more
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
On May 8, 2025, Montana Governor Greg Gianforte signed Senate Bill 297 (SB 297) into law, significantly revising the existing Montana Consumer Data Privacy Act (MCDPA). These amendments generally mirror requirements in...more
Oregon consumers submitted more than 100 privacy complaints to the state’s justice department within six months of the Oregon Consumer Privacy Act (OCPA) taking effect, and businesses subject to the new law need to take note....more
In a March 31, 2025 letter, the Chair of the FTC, Andrew Ferguson, wrote to the Acting U.S. Bankruptcy Trustee and set out the FTC’s expectations for the protection of consumer information held by 23andMe. As we noted...more
The California Privacy Protection Agency (CPPA) has issued its first Order of Decision to American Honda Motor Co. in an enforcement action under the California Consumer Privacy Act (CPPA). Although the investigation arose...more
On March 12, 2025, the California Consumer Privacy Protection Agency (CPPA or Agency) announced a settlement with an auto manufacturer, marking the Agency’s first enforcement action under the California Consumer Privacy Act...more
This week, New York Attorney General Letitia James announced a settlement with app developer Saturn Technologies (Saturn) following an investigation into privacy practices that promised teens an exclusive community but...more
Texas AG Ken Paxton has announced an investigation into the artificial intelligence company DeepSeek’s privacy practices and its claims that its AI model rivals the most advanced AI models in the world, including OpenAI....more
If you are the owner of a telemarketing business, there is a good chance that you are familiar with The Campaign Registry (“TCR”). TCR registration is essential for businesses for several reasons. Crucially, it ensures that...more
“Don’t Mess with Texas.” It’s an evocative phrase, which is probably why it survived so long past its humble origins as a 1980s campaign slogan to discourage drivers from littering on Texan highways....more
As new state data privacy laws continue to emerge and existing ones evolve, businesses face increasing complexity in maintaining compliance. Our Second Annual Data Privacy Forum focuses on key state privacy laws and explores...more
Sorry folks, there is no punchline here, but there are bottom lines from a settlement the Federal Trade Commission (FTC) announced last week. We discuss three today: (1) the FTC continues to mount broad investigations and...more
On April 12, 2024, the Nebraska Legislature passed the Data Privacy Act (NEDPA), sending the bill to Governor Jim Pillen’s desk for signature. NEDPA adds to the patchwork of state consumer privacy laws in that it does not...more
The California Attorney General (“AG”) recently delivered (pun very much intended) a public CCPA enforcement action against DoorDash, its second following the 2022 settlement with Sephora. The DoorDash action stems from a...more
Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more
Pixels, a piece of tracking software businesses use to assess the success of their advertising campaigns, are creating headaches for in-house counsel as decades-old laws are being revived by litigants. Unlike cookies, pixels...more
Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more
California employers, beware: the state’s top prosecutor just announced his office is conducting an investigative sweep of whether and how large California employers have complied with data privacy and consumer protection...more
A recent enforcement action by the Federal Trade Commission (“FTC”) against 1Health.io—which sells “DNA Health Test Kits” to consumers for health and ancestry insights—serves as a reminder that the FTC is increasingly...more
Recent findings by the Office of the Privacy Commissioner of Canada (“OPC”) found that Home Depot of Canada Inc. (“Home Depot”) did not obtain valid meaningful consent to share summary purchase information with Meta Platforms...more
Following the passage of the California Privacy Rights Act (CPRA), for the past two years, employers have been partially exempt from many of the California Consumer Privacy Act's (CCPA) mandates pertaining to applicants,...more