When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
On August 30, 2024, the Federal Trade Commission announced that the Department of Justice filed a complaint upon notification and referral from the FTC against a surveillance camera company that allegedly failed to provide...more
The Irish Data Protection Commission (DPC) has welcomed X’s agreement to suspend its processing of certain personal data for the purpose of training its AI chatbot tool, Grok. This comes after the DPC issued suspension...more
The English High Court offers limited routes to bring “opt-out” group claims but, in recent years, funded claimants have attempted to bring representative actions under CPR 19.8 at a notable rate. The rule has been available,...more
On April 17, 2024, the State of Nebraska enacted the Nebraska Data Privacy Act (“NDPA”). With the passage of the NDPA, Nebraska joins the ranks of the nineteen other states that have adopted comprehensive consumer data...more
As of July 1, three new comprehensive state privacy laws – the Florida Digital Bill of Rights (FDBR), the Oregon Consumer Privacy Act (OCPA), and the Texas Data Privacy and Security Act (TDPSA) – will take effect, joining the...more
On May 24, 2024, Senate Bill 4757, containing a comprehensive Minnesota Consumer Data Privacy Act (MCDA), was signed into law by Minnesota Governor Tim Walz. It will take effect on July 31, 2025....more
Minnesota’s governor has now signed into law that state’s comprehensive privacy law. For those keeping count – that is number 19 of state “comprehensive” privacy laws, with six in 2024 alone. The Minnesota law will go into...more
On May 25, 2024, Minnesota Governor Tim Walz signed the Minnesota Consumer Data Privacy Act (the "Act"), which takes effect on July 31, 2025, for most controllers and on July 31, 2029, for certain postsecondary educational...more
On April 4, 2024, Kentucky Governor Andy Beshear signed the Kentucky Consumer Data Protection Act (the "KCDPA" or "Act"), which takes effect January 1, 2026. The KCDPA maps in large part to the Virginia Consumer Data...more
The push by U.S. states to pass data privacy laws continues with Maryland being the 18th state to join their ranks. However, Maryland has taken a more stringent and comprehensive approach than many of its peers: Governor Wes...more
On May 10, 2024, Maryland Governor Wes Moore signed the Maryland Online Data Privacy Act of 2024 ("MODPA" or the "Act"), bringing the number of comprehensive state privacy laws to 18and establishing a new, more restrictive...more
Maryland Governor Wes Moore signed the Maryland Online Data Privacy Act of 2024 (MODPA) into law on May 9, 2024. This new law establishes transparency, assessment, and consumer rights requirements for organizations that fall...more
On April 2, 2024, the California Privacy Protection Agency's (CPPA) Enforcement Division issued its first enforcement advisory, titled "Applying Data Minimization to Consumer Requests," to further emphasize the importance of...more
Last month, Nebraska passed the Nebraska Data Privacy Act (NDPA), making it the latest state to enact comprehensive privacy legislation. Nebraska joins California, Virginia, Colorado, Connecticut, Utah, Iowa, Indiana,...more
On 17 April, 2024, Nebraska Governor Jim Pillen signed into law omnibus Legislative Bill 1074, which includes the Nebraska Data Privacy Act, making Nebraska the seventeenth state to adopt comprehensive data privacy...more
Nebraska’s governor has now signed into law the state’s “comprehensive” privacy law making it the fourth one this year, and the 17th overall. It will take effect on January 1, 2025 – the same day as Delaware, Iowa, and New...more
The U.S. is taking another swing at a federal data privacy law with the American Privacy Rights Act, or APRA. While there’s no guarantee that the APRA will become the law of the land, it’s still worthwhile to study in order...more
On April 6, 2024, Maryland's legislature passed a comprehensive privacy bill, the Maryland Online Data Privacy Act (MODPA), and sent it to the state's governor for signature. If enacted, the law would take effect on October...more
2023 was a record-breaking year, with legislators in Delaware, Indiana, Iowa, Montana, Oregon, Tennessee and Texas passing comprehensive data privacy laws, joining California, Colorado, Connecticut, Utah and Virginia. Already...more
With the Kentucky governor recently signing into law that state’s privacy law the US now has 16 states with “comprehensive” privacy laws. This newest one will go into effect on January 1, 2026 – the same day as Indiana. It...more
Keypoint: Maryland’s bill diverges from other Washington Privacy Act variants passed to date with unique data minimization, sensitive data, minor’s data privacy, and unlawful discrimination provisions (among others)....more
Biden Administration Issues Executive Order Restricting Bulk Transfers of U.S. Citizens' Personal Data to “Countries of Concern” - On February 28, 2024, President Biden issued an Executive Order (“EO”) to address the...more
New Hampshire is the fourteenth state with a comprehensive privacy law, as signed by Governor Sununu on March 6, 2024. The new law will go into effect on January 1, 2025. Continue reading for our Q&A on the "trusted" number...more
The proliferation of state consumer privacy laws continues into 2024. On March 6, 2024, New Hampshire Gov. Chris Sununu signed SB255, the New Hampshire Privacy Act (NHPA), making New Hampshire the 14th state to enact a...more
The California Attorney General (“AG”) recently delivered (pun very much intended) a public CCPA enforcement action against DoorDash, its second following the 2022 settlement with Sephora. The DoorDash action stems from a...more