Paddle's Payment Predicament: Unpacking FTC's Compliance Crackdown — Payments Pros – The Payments Law Podcast
AI Today in 5: August 22, 2025, The Angst Episode
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
Daily Compliance News: August 22, 2025, The WADA Returns Edition
Regulatory Ramblings: Episode 76 - The Digital Future: The US GENIUS Act and Hong Kong Stablecoins Ordinance / The Hong Kong Web3 Blueprint: Building a Web 3 International Financial Hub Report
Point-of-Sale Finance Series: Understanding the Development and Regulation of Buy Now, Pay Later Products — The Consumer Finance Podcast
Understanding BBB Ratings: Strategic Approaches to Consumer Complaints — Regulatory Oversight Podcast
Compliance Tip of the Day: Co-Thinking with AI
Joint Venture Eligibility Refresher on Requirements for Government Contractors
Compliance into the Weeds: Two Cyber Security Cases for the Compliance Professional
The Road to Regulation: Vehicle Service Contracts Explained — Moving the Metal: The Auto Finance Podcast
AI Today in 5: August 12, 2025, The Creating Billionaires Episode
Compliance Tip of the Day - The ROI of Compliance
AI Today in 5: August 11, 2025, The ACHILLES Project Episode
Taxing Intelligence: AI's Role in Modern Tax Administration
Podcast - An Overview of State Attorney General Consumer Protection Enforcement
LathamTECH in Focus: Move Fast, Stay Compliant
Work This Way: A Labor & Employment Law Podcast | Compliance Clarity for Federal Contractors with Joan Moore and Mim Munzel of Arbor Consulting Group
AI Today in 5: August 6, 2025, The Rethinking Compliance Episode
Compliance Tip of the Day: M&A Domestic Issues
Introduction - In 2025, privacy and AI regulation have moved from the sidelines to the center of business risk and strategy. U.S. states are rapidly enacting a patchwork of privacy laws, with new AI laws emerging and...more
Cross-border data transfers between the EU and U.S. remain a legal and operational minefield. While the July 2023 adequacy decision ushered in the EU-U.S. Data Privacy Framework (DPF), recent developments have called its...more
Resolution CD/ANPD No. 19/2024 (the “Resolution”) deepened the provisions of the Brazilian General Data Protection Law (“LGPD”) regarding International Data Transfers (“IDT”) and brought the country closer to European...more
In August 2024, Brazil’s Data Protection Agency—Autoridade Nacional de Proteção de Dados (ANPD)—issued the International Transfer Regulations, including the Standard Contractual Clauses (SCCs) template. The SCCs are currently...more
On 1 August 2025, the Privacy Commissioner for Personal Data, Hong Kong (“PCPD”), and the Personal Data Protection Bureau, Macao (“PDPB”), in collaboration with seven other privacy and data protection authorities across...more
The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more
On 19 June 2025 the Data (Use and Access) Act (the "DUA Act") received Royal Assent and became law in the UK, having been passed by the UK Parliament on 11 June 2025. The DUA Act principally reforms the General Data...more
Unlike other sectors, US healthcare businesses must reconcile cost-saving strategies with stringent compliance obligations, especially when patient data crosses national borders or is accessed overseas....more
On June 19, 2025, the UK Data Use and Access Bill (DUA Bill) finally received Royal Assent and passed into law as the Data Use and Access Act 2025 (DUA Act). The DUA Act amends the UK General Data Protection Regulation (UK...more
The launch of the Global Cross Border Privacy Rules (CBPR) and Privacy Rules for Processors (PRP) systems on June 2, 2025 offers a framework to manage increasingly difficult standards for global data privacy governance....more
As questions of trust, surveillance, and data sovereignty become central to global trade, businesses face mounting pressure to prove not just compliance but true accountability. That’s why we turned to Constantine...more
On April 28 2025, the Court of Justice of the European Union (CJEU) published an updated version of the fact sheet (the Fact Sheet) summarising key case law on protection of personal data. The Fact Sheet covers the case law...more
Malaysia’s newly released Cross Border Personal Data Transfer Guidelines mark a groundbreaking shift in its data protection regulatory landscape, requiring data controllers to conduct Transfer Impact Assessments and implement...more
Are you using artificial intelligence in your business operations? Do you have AI embedded in the goods and services you offer customers? The regulatory framework applicable to AI continues to develop, including across US...more
The Cyberspace Administration of China (CAC) released an important Q&A on cross-border data transfer requirements and policies in early April, providing clarification on a number of issues of concern to companies in China....more
U.S. companies and organizations have entered a new era of sweeping restrictions on cross-border data transfers. The Department of Justice's (DOJ) Final Rule, "Preventing Access to U.S. Sensitive Personal Data and...more
Chile has amended its data privacy law granting significant rights to data subjects, and imposing stricter obligations on data controllers and processors. Published in the Official Gazette (Diario Oficial) on December 13,...more
On January 3, 2025, the Cyberspace Administration of China (the “CAC”) released the Draft Measures for Personal Information Protection Certification for Cross-Border Data Transfers (the “Draft Measures”) for public comment....more
On January 31, 2025, the French supervisory authority (CNIL) published the final version of its guide on transfer impact assessments (TIA). A TIA must be undertaken by organisations relying on one of the ‘appropriate...more
President Trump recently fired the three democrats on the Privacy and Civil Liberties Oversight Board (PCLOB). Since these firings bring the Board to a sub-quorum level, they have the potential to significantly disrupt...more
On January 8, 2025, the Department of Justice (DOJ) published in the Federal Register a Final Rule, "Preventing Access to U.S. Sensitive Personal Data and Government Related Data by Countries of Concern or Covered Persons,"...more
The U.S. Department of Justice (“DOJ”) published its final rule (“Final Rule”) on January 8, 2025, that will prohibit or restrict transfer of certain data of U.S. persons to countries of concern, including to China. The Final...more
On January 8, 2025, the Department of Justice (“DOJ”) published its Final Rule to implement President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States...more
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more
The Israeli Privacy Protection Authority (“PPA”) recently published a draft opinion, which is open for public comments, addressing transfers of personal data from Israel to other countries. In this opinion, the PPA seeks to...more