The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
California has been active in the kids space. First, the Ninth Circuit’s recently ruled on the California’s Age-Appropriate Design Code Act. Second, the governor has just signed a new law aimed at social media sites....more
In a recent federal case from New York, the court dealt a blow to plaintiffs suing over data breaches. The plaintiffs had filed a putative class action suit, alleging that they (and others like them) had been harmed by the...more
This regular alert covers key policy and regulatory developments related to EU geopolitical risks, including in particular, economic security, Russia’s war against Ukraine, health threats, and cyber threats. It does not...more
On September 18th, I had the opportunity to attend The Masters Conference in Seattle, WA, for my second time, hosted by Perkins Coie. This year, I was struck by how much the technology landscape in eDiscovery has evolved,...more
The US Internet Crime Complaint Center (IC3) received more than 880,000 cybercrime complaints in 2023. Overall financial losses from cybercrime last year reached $12.5 billion, a record-setting year-over-year increase of...more
Malaysia is in the process of updating its Personal Data Protection Act to align more closely with laws in other jurisdictions. The law was originally passed in 2010 and then modified this year. As part of the modification...more
Transparency might be the most important food group in data privacy compliance, especially with the Federal Trade Commission, Office of the New York State Attorney General and California Privacy Protection Agency focusing...more
The government of the British Virgin Islands (“BVI”) and the BVI Financial Services Commission (“FSC”) – the principal financial services regulator – have progressed important initiatives in recent years that demonstrate the...more
The widespread availability of Artificial Intelligence (AI) tools has enabled the growing use of “deepfakes,” whereby the human voice and likeness can be replicated seamlessly such that impersonations are impossible to detect...more
Legal regimes are shifting, including in the intellectual property world as businesses increasingly seek the protection of trade secrets rather than patents to secure their confidential information. When the Defend Trade...more
2024 seems like it is flying by. For those keeping track of US state “comprehensive” privacy laws you know that October 1 – a week away – brings the effective date of the Montana privacy law. The “big sky” state will join...more
Since early September 2024, the U.S. Department of Justice (DOJ) presented its case-in-chief against Google in a lawsuit accusing the company of anti-competitive and monopolistic practices in the complex digital advertising...more
Last week, the Federal Communications Commission (FCC) released a $13 million settlement with AT&T that concluded an investigation into a third-party data breach that exposed AT&T customer data. This is the latest in a series...more
The National Association of Insurance Commissioners’ (NAIC) Privacy Protections (H) Working Group (the “Working Group”) has continued its charge to draft a new or revised model law aimed at standardizing privacy protections...more
If you’re in the privacy industry, you know Max Schrems: Renowned privacy rights advocate and the David who took on Facebook’s Goliath to shine a light on the misuse of consumer data. But that’s just one facet of what he...more
Once again, a Dutch district court has recalled a decision of the Dutch Data Protection Authority (Dutch DPA) for its too strict interpretation that purely commercial interests cannot be legitimate interests under Article...more
The HHS Office for Civil Rights (OCR) has abandoned its appeal of a federal judge’s ruling overturning OCR’s guidance prohibiting covered entities (CEs) and business associates (BAs) from using the web-tracking technologies...more
As of September 22, 2024, the final provision of Law 25, An Act to modernize legislative provisions as regards the protection of personal information will take effect, establishing a new right to data portability for...more
Wondering what the requirements are for transferring personal information out of Brazil? Under the country’s Data Protection Law, extra-territorial transfers of personal information are regulated in much the same way as in EU...more
The German Data Protection Conference (DSK) on September 11, 2024 published guidance on asset deals (the Guidelines) that distinguishes between various stages of a sale process and the relevant personal data that can be...more
Effective September 22, 2024, Quebec's data portability right will come into force, marking the final phase of the implementation of the amendments to the Act respecting the protection of personal information in the private...more
Actions in the last six months of the Brazilian National Data Protection Authority (“ANPD”) suggest that it intends to aggressively enforce the Brazilian Data Protection Law (“LGPD”). The LGPD applies to any entity that...more
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
On Sept. 13, the Colorado Attorney General’s Office proposed amendments to the Colorado Privacy Act (CPA) affecting biometric data, children's privacy, and opinion letters....more