When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Back to School: 3 Essential Employee Trainings
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
Safeguard your Business: Dinsmore's Craig Horbus on Combatting the Rising Threat of ACH Fraud
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
It's Time to Think About Data Mapping Differently
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
On September 4, the California Privacy Protection Agency (“CPPA”) issued an enforcement advisory warning businesses against using “dark patterns” in their user interfaces. “Dark patterns” are choices a company makes regarding...more
The Australian Government has today published a draft Bill outlining the next steps in Australia’s Privacy Act Review process. The changes to be implemented by the Privacy and Other Legislation Amendment Bill 2024 include...more
The California Privacy Protection Agency (CPPA) has taken a step towards enhancing transparency and public engagement around its objectives and priorities by launching its official blog. This platform, available at CPPA Blog...more
Data privacy and security risk and compliance issues relating to exchanges of personal information during merger, acquisition, and similar transactions can sometimes be overlooked. In 2023, we summarized an enforcement action...more
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
Keypoint: The proposed draft amendments modify the Colorado Privacy Act Rules to create a process for issuing opinion letters and interpretative guidance and to address the biometric and children’s privacy amendments passed...more
On August 31, the California assembly passed SB1223, which amends the CCPA/CPRA to include “neural data” as a type of sensitive data. SB1223, which is likely to become law, defines “neural data” as “information that is...more
On September 4, the California Privacy Protection Agency issued an enforcement advisory regarding “choice architectures that have the substantial effect of subverting or impairing a consumer’s autonomy, decision-making, or...more
Businesses with a website beware: California regulators just warned that the law prohibits your website from making website users jump through hoops or otherwise confusing them as they try to exercise their privacy rights,...more
2024 has been another big year for privacy, with significant developments happening almost daily. Several new state privacy laws are going into effect, with several more coming in 2025, and discussions surrounding a potential...more
Keypoint: California district courts continue to split over whether “knowledge” is required to plead liability under Section 631(a)’s fourth prong while two decisions show courts taking different approaches to VPPA claims at...more
The Federal Trade Commission (FTC) has been actively flexing its authority as a privacy regulator in recent months. The agency has been especially focused on identifying data practices it views to be “unfair”, thereby...more
Summary - In its judgement of 11 July 2024 (C-757/22), the European Court of Justice (‘ECJ’) ruled that the violation of a controller’s information obligations under Art. 12 and 13 GDPR, can be subject to a representative...more
On August 23, 2024, a proposed class action lawsuit was filed by Kamilah Jolly, against FurtherEd, Inc., doing business as Lawline, which centers on allegations that Lawline violated the Video Privacy Protection Act (VPPA)....more
In a significant move to enhance consumer privacy and promote transparency in digital practices, the New York State Attorney General recently published two critical guides: “Website Privacy Controls: A Guide for Business” and...more
These lawsuits make generalized allegations that business websites use software or tools to collect various types of device and browsing information from website visitors and that businesses then share such information with...more
Iowa AG Brenna Bird has announced the promotions of three senior staff members. Ed Bull, previously Chief of the Health and Human Services Section, has been appointed Deputy Attorney General for Agency Counsel. Jeff...more
Keypoint: Courts have started to issue Pixel-based wiretapping decisions, the Seventh Circuit weighs in on when a manufacturer can be forced to pay arbitration fees, and three courts showed different approaches to dismissing...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
Recently, the Office of the New York State Attorney General (OAG) issued an advisory warning business that website tracking technology may violate New York consumer protection laws, including the state’s Uniform Deceptive...more
Las compañías que hacen negocios en México deben revisar las políticas y prácticas pertinentes para asegurarse de que se alinean al marco integral de privacidad de datos del país. Específicamente, querrá evaluar sus avisos de...more
The revamped Health Breach Notification Rule by the Federal Trade Commission (FTC) took effect on July 29, 2024, expanding consumer privacy protections to the users of online health platforms and health and wellness apps. Our...more
Companies doing business in Mexico should review relevant policies and practices to ensure they align with the country’s comprehensive data privacy framework. Specifically, you’ll want to assess your privacy notices, data...more
This week, Ken Paxton, the Texas Attorney General, filed suit against General Motors for alleged violations of the Texas Deceptive Trade Practices Act in collecting and selling drivers’ data to insurers without consumer...more
A California federal court recently ruled that disclosure of certain data collected through website cookies that may qualify as health information could trigger a data breach under the California Consumer Privacy Act (CCPA) –...more