Workplace Sexual Assault and Third-Party Risk: What’s the Tea in L&E?
Law School Toolbox Podcast Episode 509: Listen and Learn -- Third-Party Rights in Contracts (Part 2 - Beneficiaries)
Law School Toolbox Podcast Episode 508: Listen and Learn -- Third-Party Rights in Contracts (Part 1 - Rules)
Compliance Tip of the Day: Leveraging AI for Real-Time Third-Party Risk Management
Episode 365 -- Four Sanctions Cases Everyone Should Know
The Privacy Insider Podcast Episode 12: Compliance Is Good Business: Getting Beyond Fines with Tom Fox of Compliance Podcast Network
Bar Exam Toolbox Podcast Episode 296: Listen and Learn -- Third-Party Rights in Contracts (Part 1 - Rules)
Corporate Use of Third-Party Artificial Intelligence (AI) Tools
One Month to More Effective Written Standards: Day 17 – Policies for Third-Parties
Third Party Observation in Patent Prosecution in China
Consumer Finance Monitor Podcast Episode: Recent Federal and State Debt Collection Developments
Thobekile Cynthia Khumalo on Third Party Due Diligence
Protecting Trade Secrets When Facing Lawsuits or Alternative Dispute Resolution Procedures
Education Data Privacy and Security Laws: Best Practices for School Districts
Episode 162 -- Jessica Sanderson on How to Conduct a Remote Third Party Audit
VIDEO: Update on Third Party Workers’ Compensation Settlements in Pennsylvania
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
Subro Sense Podcast - Unpacking Product Claims Against Amazon
Business Succession Planning: Strategies for the Transition
E17: Carpenter Decision Builds Up Privacy from #SCOTUS
The Federal Trade Commission has once again reminded the mobile ecosystem that compliance obligations under the Children’s Online Privacy Protection Act (“COPPA”) do not stop at an app developer’s door. In a recent...more
Two recent high profile settlements signal that the Federal Trade Commission (“FTC”) will continue to aggressively enforce violations of the Children’s Online Privacy Protection Act (“COPPA”). In a particularly high-profile...more
In today’s healthcare environment, compliance is a defining element of patient care quality, operational integrity, and public trust. Oversight from agencies such as the Office for Civil Rights (OCR), the Centers for Medicare...more
August 29, 2025 Megan Nicholls On July 1, 2025, California Attorney General Rob Bonta announced a breathtaking $1.55 million settlement with the operator of a health and wellness information website. The operator is alleged...more
Over the past year, the Federal Trade Commission (FTC) has implemented significant updates to the Children’s Online Privacy Protection Act (COPPA) Rule meant to strengthen key protections for children’s privacy online. COPPA...more
On August 22, 2025, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking seeking public comment on potential revisions to its Personal Financial Data Rights Rule (the Rule) under...more
The rapid evolution of digital technologies has ushered in a new era for the legal profession—one characterized by both unprecedented promise and intricate new hazards. As practitioners and clients alike become more reliant...more
Dental service organization (DSO) Aspen Dental has agreed to pay $18.7 million to resolve claims that it secretly shared web user data with Meta and Google, without obtaining users’ consent or informing them....more
The Department of Justice’s (“DOJ”) Data Security Program (“the Program”, 28 C.F.R. Part 202) went into effect on April 8 with a 90-day period of limited enforcement. With DOJ now expecting full compliance, with additional...more
The rapid evolution of large language models (LLMs), retrieval-augmented generation (RAG), and Model Protocol Context (MCP) implementation has led many developers and teams to quickly adopt and integrate these powerful...more
Website operators secured another win in the protracted battle over third-party website cookies last week when a California state court held that these common tech features were not “trap and trace” devices and therefore a...more
Cybersecurity breaches originating from third-party providers (TPPs) are an escalating concern for Australian businesses. As supply chain risks grow, there is a mounting public expectation that the entity that commissioned...more
A trio of federal court decisions has emboldened the plaintiffs' bar with a new potential tool to wield in the ongoing wave of litigation targeting businesses for their use of routine website technologies: the California...more
Over a year after his office’s last privacy enforcement action, on July 1, 2025, California Attorney General Rob Bonta (AG) announced a new California Consumer Privacy Act (CCPA) settlement with Healthline Media LLC...more
In this episode, Monica Chmielewski, vice chair of Foley’s Health Care Practice Group and Shannon Sumner, Chief Compliance Officer and Nashville’s Office Managing Principal of PYA explore how supply chain compliance is...more
Introduction - The intersection of digital customer service tools and privacy law continues to generate high-stakes litigation, especially in California, where the California Invasion of Privacy Act (“CIPA”) has become a...more
An increasingly aggressive plaintiffs’ bar has brought purported class action suits based on the nearly ubiquitous use of tracking technologies used for website analytics. Although any actual harm to the plaintiffs is...more
California Attorney General Rob Bonta has settled claims against Healthline Media (Healthline) for violations of the California Privacy Protection Act (CCPA) related to the company's sharing of personal information and...more
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
For businesses subject to the California Consumer Privacy Act (CCPA), a compliance step often overlooked is the requirement to annually update the businesses online privacy policy. Under Cal. Civ. Code § 1798.130(a)(5),...more
Readers of this blog are aware of the barrage of California Invasion of Privacy (“CIPA”) claims brought against online companies. Recently, an unfavorable decision from the Ninth Circuit Court of Appeals (“Ninth Circuit”)...more
Keypoint: In this post: (1) Standing may depend on how specific plaintiffs’ complaint is; (2) the 2d Circuit adopts the 3rd and 9th Circuit’s narrower interpretation of PII under the VPPA; (3) Promises in privacy policies not...more
On April 29, 2025, the Michigan Attorney General filed a lawsuit in the Eastern District of Michigan against Roku on multiple grounds, alleging violations of: (a) the Children’s Online Privacy Protection Act (COPPA), and (b)...more
In Shah v. Capital One Financial Corporation, the Northern District of California handed down a ruling that may shape the trajectory of litigation involving tracking technologies, online privacy policies, and California’s...more
Two recent decisions from the Northern District of California—Shah v. Capital One Financial Corp., No. 24-cv-05985-TLT, 2025 WL 714252 (N.D. Cal. Mar. 3, 2025), and M.G. v. Therapymatch, Inc., No. 23-cv-04422-AMO, 2024 WL...more