The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
Corporations face unprecedented challenges in safeguarding sensitive data and mitigating privacy risks in an era marked by the rapid proliferation of Internet of Things, or IoT, devices....more
Keypoint: Companies onboarding AI products and services need to understand the potential risks associated with these products and implement contractual provisions to manage them. With the rapid emergence of artificial...more
Maretta Morovitz is the Engage Lead at MITRE, where she simplifies the planning of adversary engagement for cyber defenders. Maretta likens her cyber defense work to the movie Home Alone, setting a series of traps for the...more
Recent U.S. developments indicate a growing focus on regulating and investigating the data privacy practices of companies in the automotive sector. The Federal Trade Commission (FTC) recently highlighted in a blog post its...more
As states take pioneering steps towards AI legislation, businesses face new compliance landscapes affecting their operation and strategic planning. California and Colorado are leading with distinct yet influential legislative...more
On April 2, 2024, the California Privacy Protection Agency's (CPPA) Enforcement Division issued its first enforcement advisory, titled "Applying Data Minimization to Consumer Requests," to further emphasize the importance of...more
Both the EU and Germany are taking significant steps to accelerate digitalization in the health sector and facilitate the exchange and use of health data for research and innovation purposes. They aim to improve...more
The EU Data Act came into force on January 11, 2024. The Data Act is part of the European Commission’s data strategy released in February 2020 and obliges manufacturers of connected products to make use-related data available...more
In today's business landscape, businesses are increasingly relying on third-parties to manage their information, especially those hosting their information in the cloud. This reliance on third parties and the nature of cloud...more
In the rapidly evolving digital landscape, the European Union’s Data Act (Data Act), adopted on November 27, 2023 marks a significant shift in data, privacy, and intellectual property regulation. The Data Act applies to...more
Last week, California Attorney General Rob Bonta announced a new enforcement focus on streaming apps’ failure to comply with the California Consumer Privacy Act (CCPA). This investigation will examine whether streaming...more
In October of this year, the Central Bank of Brazil announced an important measure to simplify the consent renewal process within the field of Open Finance. Joint Resolution No. 7/2023—which will amend certain articles of...more
INTERPOL has announced that it has begun moving towards a global data-sharing model to be used by law enforcement. This new model was announced at the 7th INTERPOL Dialogue on an Effective Multilateral Policing Architecture...more
The California Privacy Protection Agency (CPPA) released initial draft regulations for cybersecurity audits (which have since been amended) and risk assessments late this summer. The agency’s board of directors addressed the...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more
On Thursday, October 19, 2023, the Consumer Financial Protection Bureau (“CFPB”) released a proposed rule addressing “personal data financial rights”, as we reported last week that they would be doing later in October. The...more
On Oct. 19, 2023, the Consumer Financial Protection Bureau (CFPB) released a Notice of Proposed Rulemaking (NPRM) on Personal Financial Data Rights, which would change the way financial institutions hold and distribute...more
On September 12, 2023, Delaware became the 13th state to adopt a consumer data privacy act, joining Florida, another state to recently adopt consumer privacy laws, and others in providing resident consumers with rights...more
With the ever-expanding Internet of Things, data privacy is a growing concern in today’s digital age. The automotive industry is no exception. The National Highway Traffic Safety Administration (“NHTSA”) has broad regulatory...more
Are Automakers Making Sufficient Efforts to Protect Customer Data? With the ever-expanding Internet of Things, data privacy is a growing concern in today’s digital age. The automotive industry is no exception. The National...more
In an age of digital transformation, the legal industry is increasingly thinking about using AI and Large Language Models (LLMs) like GPT for document review, legal research, and even writing legal briefs. Yet, in our...more
Keypoint: Although they are only draft regulations and not part of the formal rulemaking process, the drafts demonstrate the Agency’s intent to create extensive obligations for businesses subject to these regulations. In...more
For decades, medical providers and other covered entities have satisfied their health-data privacy obligations by complying with the federal Health Insurance Portability and Accountability Act (HIPAA) — but this is changing...more
The European Parliament and the Council of the European Union adopted the European Data Act on June 28 after lengthy negotiations. The Data Act creates a legal framework for a single European data market, and its key...more
In another example of the agency’s practice of regulation by blog, the FTC published last week a Business Blog Post about protecting consumer health information. The post, which summarizes key points from several recent...more