When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Rhode Island is the latest state to enact consumer privacy legislation. The Rhode Island Transparency and Privacy Protection Act (the "Act"), which passed into law on June 28, 2024, establishes a framework for controlling and...more
On June 7, 2023, the New York legislature passed the Stop Addictive Feeds Exploitation (SAFE) for Kids Act (SAFE Act or the Act) and the New York Child Data Protection Act (CDPA), both aimed at protecting children online. The...more
On May 9, 2024, Maryland Governor Wes Moore signed HB 603, the Maryland Age-Appropriate Design Code (Maryland AADC). The Maryland AADC builds on Maryland’s Online Data Privacy Act, which was signed into law the same day and...more
On April 7, Senate Commerce Committee Chair Maria Cantwell (D-WA) and House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA) released the text of the American Privacy Rights Act (APRA), a bipartisan and...more
January 28 is International Privacy Day, and this day is an opportunity to learn about recent developments in the legal landscape for privacy law. It is also a good opportunity to highlight how far privacy rights have come,...more
On December 20, 2023, the Federal Trade Commission (FTC) announced proposed changes to the Children’s Online Privacy Protection Rule (COPPA Rule) that would place significant new restrictions on companies that collect...more
Although all fifty states now have data breach notification statutes on the books, a smaller but growing number of states have adopted substantive data privacy laws. The recently passed California Privacy Rights Act (CPRA)...more
On October 31, 2022, the Federal Trade Commission (FTC) announced a complaint and proposed consent order against Chegg, an edtech company, over its security practices that resulted in four security breaches in three years....more
As you may recall from our previous advisory, "The European Commission Implements New Standard Contractual Clauses", existing data sharing contracts that include the old standard contractual clauses ("SCCs") will only remain...more
The ongoing massive data breach in the world of advertising: real time bidding ("RTB"). You likely are, or have been, a target of RTB without your knowledge. The Irish Council for Civil Liberties ("ICCL") found that the...more
On May 19, 2022, the Federal Trade Commission (FTC) adopted the “Policy Statement on Education Technology and the Children’s Online Privacy Protection Act” (COPPA), which calls for increased scrutiny for violations of COPPA...more
Researchers from the Mozilla Foundation reviewed the privacy policies of 32 mental health apps ranging from guided meditation to telehealth counseling services and flagged 28 of them as having “Privacy Not Included.” In...more
FTC Activities in 2021 and Likely Trends for 2022 2021 saw the kickoff of the Khan era at the Federal Trade Commission (FTC). During FTC Chair Lina Khan's first nine months on the job, she has announced privacy and security...more
On July 1, 2021, the Federal Trade Commission (FTC) announced that it settled allegations against Toronto-based Kuuhuub Inc., along with Kuuhuub's Finnish subsidiaries Kuu Hubb Oy and Recolor Oy (together, defendants), that...more
The Gramm-Leach-Bliley Act (GLBA) is a federal law that establishes various legal requirements for companies that qualify as “financial institutions” under the Act. The GLBA’s definition of a “financial institution” is...more
First we take Sacramento, then we take Berlin: How do US data protection laws affect how you do business. The webinar is aimed at in-house or outside counsel, as well as data protection and compliance officers. In this...more
Sweeping consumer privacy law changes are moving quickly through the Florida legislature. Covered private businesses should act now to bring their privacy policies into compliance with the anticipated new requirements....more
Gardiner v. Walmart provided some guidance as to the specificity required to state a claim under the California Consumer Privacy Act (CCPA) and the types of damages that may be recoverable for breaches of California consumer...more
Keypoint: There were four notable developments this week: the Florida House passed a bill out of committee, lawmakers proposed a new bill in Texas, the Washington Privacy Act was scheduled for a public hearing and committee...more
If your website collects information about its visitors, whether by name or anonymously, you are almost certainly required to make specific public disclosures about your treatment of this data and offer visitors information...more
California is no longer the lone state with a consumer data privacy law. Virginia is now on the verge of joining, pending a formal reconciliation between the Virginia House and Senate versions, as well as the governor’s...more
It is privacy policy 101 to say what you do and do what you say. Valuable lessons can be learned about this best practice from the proposed settlement announced between the Federal Trade Commission (FTC) and California-based...more
The California Consumer Privacy Act (CCPA)—the most comprehensive personal data privacy legislation anywhere in the United States so far—is officially being enforced. Is your website in compliance? Does it need to be? What...more
On Friday, August 14, California’s Office of Administrative Law (OAL) approved the final draft of the Attorney General’s (AG) regulations under the California Consumer Privacy Act (CCPA). Attorney General Xavier Becerra’s...more
Enforcement of the California Consumer Privacy Act (CCPA) began July 1, 2020. Our privacy team at Troutman Pepper includes several attorneys who worked in an attorney general’s office. This privacy regulatory team has...more