How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Colorado AI Act — The Good Bot Podcast
AGG Talks: Women in Tech Law Podcast - Episode 5: How the Tech Industry Can Monitor Regulatory Changes Under the Trump Administration
2025 Privacy Law Preview: Be Prepared
A Brief Overview of Colorado’s Recently Enacted AI Law
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
State AG Pulse | Never Say Never to Federal Privacy Legislation
Navigating State Privacy Laws
Are You Ready to Comply With New State Data Privacy Laws?
PODCAST: Williams Mullen's Trending Now: An IP Podcast - U.S. State Data Privacy Update
Episode 293 -- Catching Up with California and Other State Privacy Laws
Podcast - Artificial Intelligence in Healthcare and How to Comply with HIPAA & State Privacy Laws
Data Privacy Unlocked, A Conversation with Texas Representative Giovanni Capriglione
March Monthly Minute | Preparing for U.S. State Privacy Laws in 2023
CFPB’s Involvement in Tenant Screening - FCRA Focus Podcast
The CFPB has scaled back some enforcement priorities, and the states have noticed. Certain states – including California, New York, Texas, and Connecticut – are particularly active, pursuing UDAP violations, privacy issues,...more
On June 25, 2025, Governor Ned Lamont signed Connecticut Senate Bill 1295 into law. SB 1295 significantly amends the Connecticut Data Privacy Act (CTDPA) by lowering the threshold for applicability, broadening the definition...more
With the seemingly never-ending updates to B2B contracts for compliance with new (and amended) comprehensive state privacy laws, the U.S. Department of Justice’s bulk data transfer rule, and artificial intelligence (AI)...more
In May, Montana enacted Senate Bill 297, which amends the Montana Consumer Data Privacy Act (MCDPA) to eliminate the broad exemption for financial institutions subject to the Gramm-Leach-Bliley Act (GLBA). Connecticut...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
On June 11, 2025, Connecticut passed Senate Bill 01295 (SB 01295). If signed by the governor, SB 01295 will amend the existing Connecticut Data Privacy Act (CTDPA) in several important ways, with the amendments going into...more
North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more
On Thursday, the U.S. House Committee on Financial Services Subcommittee on Financial Institutions held a hearing entitled, “Framework for the Future: Reviewing Data Privacy in Today’s Financial System.” Hearing testimony...more
On May 8, 2025, Montana Governor Greg Gianforte signed Senate Bill 297 (SB 297) into law, significantly revising the existing Montana Consumer Data Privacy Act (MCDPA). These amendments generally mirror requirements in...more
On May 8, 2025, the governor of Montana signed into law SB 297, which amends the Montana Consumer Data Privacy Act (MCDPA). The amendments become effective on October 1, 2025. Among other things, SB 297: • amends the...more
In this crossover episode of The Consumer Finance Podcast and Regulatory Oversight, Chris Willis, Kim Phan, and Stephen Piepgrass provide insights on a new joint privacy task force among several state AGs, known as the...more
Eight years ago, on March 1, 2017, the New York Department of Financial Services enacted its landmark cybersecurity regulation covering financial services companies, 23 NYCRR Part 500, known as “Part 500.” Part 500 was the...more
On April 3, Arkansas enacted HB 1509 (the “Act”), known as the Arkansas Second Amendment Financial Privacy Act. The Act prohibits financial institutions from using merchant category codes that distinguish firearms retailers...more
Like a health inspection sticker in a restaurant’s front window, a GLBA privacy notice must provide clear and conspicuous disclosures about a financial institution’s practices relating to nonpublic personal information (NPI)....more
The financial industry increasingly uses artificial intelligence (“AI”) to raise business efficiencies, improve customer experience, and limit fraud and crime. However, two lawsuits leveraging existing state privacy laws and...more
Keypoint: New York has amended its data breach notification law twice in the last 60 days to (1) add a 30-day deadline for notifying affected residents, (2) clarify that covered financial entities must still notify the New...more
Trying to plot the course for a data security plan in 2025 requires piecing together the maps of various cartographers and decoding each map’s legends and keys....more
It can be daunting for Fintechs, money services businesses (MSBs), and other non-bank entities operating in the consumer financial products and services space to navigate privacy legislation and determine which provisions of...more
On November 12, 2024, the Consumer Financial Protection Bureau (CFPB) released a report examining the carve outs and limitations contained in comprehensive state privacy laws relating to financial institutions. In an...more
On November 12, the CFPB released a report analyzing federal and state-level privacy protections for consumer financial data. The current federal framework for financial data privacy relies on the Gramm-Leach-Bliley Act...more
The New York Department of Financial Services (“NYDFS”) recently published guidance on managing cyber risks related to AI for the financial services and insurance industry. Though the circular letter does not introduce any...more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
Oregon’s governor has now signed into law the state’s comprehensive privacy law. Meaning, there are now 12 states with these laws, six of which were passed just this year (others passed in 2023 were Iowa, Indiana, Tennessee,...more
Join Elliot Golding, Daniel Gottlieb and Amy Pimentel for a deep dive into how the new state privacy laws impact the healthcare and financial services industries....more
The Gramm-Leach-Bliley Act (“GLBA”) was a bi-partisan regulation passed by Congress in 1999 in an attempt to update and modernize the financial industry. One component of the GLBA, its Safeguards Rule, requires financial...more