Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
Compliance Tip of the Day: Avoiding CCO Liability
Compliance Tip of the Day: COSO Governance Framework - Part 5, People
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Balch’s Consumer Finance Compass: How Standing Can Make or Break Certification for Class Action Lawsuits in Debt Collection
Top challenges with Compliance Management
Innovation in Compliance: Allison Lagosh on Proactive Compliance Planning for Regulatory Changes
Daily Compliance News: July 15, 2025, The Fighting Workplace Bullying Edition
Compliance Tip of the Day: Design - Centric Internal Controls
Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
The Capital Ratio Podcast | Entering the US Banking Market
SCOTUS Clean Air Act Cases: What’s New?
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
From Permits to Penalties: A Deep Dive Into Coastal Development Law
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
PODCAST: Williams Mullen's Benefits Companion - Gag Clause Prohibitions
Allocating liability for data breaches in technology contracts is a growing concern for Canadian businesses. Blakes recently launched the first edition of the Canadian Data Liability Study, which identifies and analyzes...more
In the legal industry, handling business transactions is part of our daily routine. Managing the transfer of personal data during acquisitions, sales, mergers or bankruptcy proceedings has become second nature to us. We...more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Texas Limits Punitive Damage Liability For Data Security Breach...more
In April 2025, SK Telecom—South Korea’s largest mobile carrier—formally notified regulators of a significant data breach that compromised sensitive SIM card data belonging to nearly 27 million users. Following an...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
The tension among regulators between the push for increased transparency and the need to protect individual privacy is always apparent in asset searching exercises. This tension is a global phenomenon, central to the ongoing...more
On June 5, 2025, the UK’s Information Commissioner’s Office (ICO) fined 23andMe £2.31 million (~$3.1 million). The fine was for failing to implement adequate security measures to protect the personal data of over 155,000 UK...more
Welcome to the Summer 2025 issue of Blakes Data Governor, published by the Blakes Privacy & Data Protection group. Blakes Data Governor provides actionable insights and practical overviews of recent developments impacting...more
Our Privacy, Cyber & Data Strategy Team discusses how to overcome five challenges companies face in the wake of a data security incident when reviewing impacted data to comply with legal obligations....more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
Are you storing sensitive data on a shared network drive? If so, your organization could be at serious risk of a data breach or privacy lawsuit. Shared drives, like the common “S:\ drive,” are often used to store documents,...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Welcome to “SERC’ling Up,” your resource for staying ahead in today’s fast-evolving financial landscape. This newsletter delivers perspectives on the latest enforcement trends, regulatory updates and high-stakes developments...more
The Italian Data Protection Authority (the Garante) has issued its first GDPR fine for, among other breaches, unlawful retention of metadata from employees’ emails and web browsing activities. The decision applies, for the...more
Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more
In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more
When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more
The Artificial Intelligence and Machine Learning (“AI/ML”) risk environment is in flux. One reason is that regulators are shifting from AI safety to AI innovation approaches, as a recent DataPhiles post examined. Another is...more
On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates...more
In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more
As robotics technology rapidly advances in connection with the use of artificial intelligence (AI), the collection, processing, and storage of personal information—including biometric data—will become increasingly common....more
In the context of a significant increase in data breaches and cyber-attacks impacting hospitals, the French Data Protection Authority (“CNIL”) has launched a series of investigations and issued several formal notices to...more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. ...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more