Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
Compliance Tip of the Day: Avoiding CCO Liability
Compliance Tip of the Day: COSO Governance Framework - Part 5, People
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Balch’s Consumer Finance Compass: How Standing Can Make or Break Certification for Class Action Lawsuits in Debt Collection
Top challenges with Compliance Management
Innovation in Compliance: Allison Lagosh on Proactive Compliance Planning for Regulatory Changes
Daily Compliance News: July 15, 2025, The Fighting Workplace Bullying Edition
Compliance Tip of the Day: Design - Centric Internal Controls
Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
The Capital Ratio Podcast | Entering the US Banking Market
SCOTUS Clean Air Act Cases: What’s New?
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
From Permits to Penalties: A Deep Dive Into Coastal Development Law
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
PODCAST: Williams Mullen's Benefits Companion - Gag Clause Prohibitions
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Texas Limits Punitive Damage Liability For Data Security Breach...more
Don’t miss this complimentary webinar spotlighting the five most pressing regulatory developments reshaping compliance in Canada’s financial sector. From board-level liability, to shifting enforcement priorities, get up to...more
In April 2025, SK Telecom—South Korea’s largest mobile carrier—formally notified regulators of a significant data breach that compromised sensitive SIM card data belonging to nearly 27 million users. Following an...more
La Commissaire à l’information et à la protection de la vie privée de l’Ontario (la « CIPVP ») a publié un nouveau guide de gestion de la protection de la vie privée (le « Guide ») ayant pour but d’aider les petits organismes...more
The US “comprehensive” law landscape continues to expand, with two more states—Tennessee (July 1) and Minnesota (July 31) —joining the “comprehensive” privacy law club. Five of these -Delaware, Iowa, Nebraska, New Hampshire,...more
Cross-border marketing of products or services by an overseas company (a body corporate incorporated outside of Bermuda) to customers in Bermuda could be construed as carrying on business in Bermuda and, if so, would be...more
Our Privacy, Cyber & Data Strategy Team discusses how to overcome five challenges companies face in the wake of a data security incident when reviewing impacted data to comply with legal obligations....more
1. Governing Texts 1.1. Legislation The Personal Information Protection Act 2016 (as amended) (PIPA) The Electronic Transactions Act 1999 (as amended) (ETA) The Standard for Electronic Transactions (the ETA Standard) ...more
On May 20, 2025, the Commission d’accès à l’information du Québec (CAI) issued a decision regarding the use of in-vehicle video surveillance technology by a delivery company, 13859380 Canada Inc., dba Crane Supply (the...more
Five new state privacy laws took effect in January 2025—Delaware (DPDPA), Iowa (ICDPA), Nebraska (NDPA), New Hampshire (NHPA), and New Jersey (NJDPA)—adding to the compliance maze for businesses operating across state lines....more
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
A new wave of state consumer privacy laws focused on limiting data collection is creating anxiety among businesses—and Maryland is leading the charge. The Maryland Online Data Privacy Act (MODPA), set to take effect in...more
Does your state have its own version of the TCPA? Yes. California has what is known as the California Consumer Privacy Act of 2018, which is located in sections 1798.100 to 1798.199.100 of the California Civil Code. The...more
As questions of trust, surveillance, and data sovereignty become central to global trade, businesses face mounting pressure to prove not just compliance but true accountability. That’s why we turned to Constantine...more
On April 22, 2025, the Federal Trade Commission (FTC) published its final amendments ("the Amendments") to the Children's Online Privacy Protection Act (COPPA) Rule in the Federal Register. The Amendments expand the...more
In today's world, violations of individual privacy and secret disclosure are a serious problem. It may be eavesdropping, interception, recording, and the spreading of personal information without the consent of the other...more
The Measures outline requirements and procedures for self-initiated and regulator-mandated compliance audits from May 1, 2025....more
As summer approaches, three new state comprehensive privacy laws are poised to take effect, raising the number of states with effective comprehensive privacy legislation in the US to sixteen (with more to come in 2026). The...more
When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
On April 21, 2025, Arkansas Governor Sarah Huckabee Sanders signed into law the Arkansas Children and Teens’ Online Privacy Protection Act (Act), which will become effective on July 1, 2026. It draws inspiration from the...more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more