On January 21, 2026, The Associated Press published an internal Immigration and Customs Enforcement (“ICE”) memorandum (“Memo”) claiming that ICE officers may enter private residences to conduct immigration arrests without...more
Foley Hoag is publishing a series of articles on the legal issues confronting the data center industry. Part 1 examined energy usage challenges. Part 2 examined water, community, land use, and e-waste challenges. As part of...more
12/23/2025
/ Contract Terms ,
Data Centers ,
Data Privacy ,
Data Protection ,
Dispute Resolution ,
Emerging Technologies ,
General Data Protection Regulation (GDPR) ,
Innovative Technology ,
Insurance Contracts ,
International Data Transfers ,
Liability ,
Outer Space ,
Risk Management ,
Satellites ,
Solar Panels
A federal court recently ruled that the Trump administration is unlawfully denying bond hearings to potentially thousands of people in New England who were arrested and detained by ICE and deprived of the opportunity to...more
BEST PRACTICES FOR USING AI NOTETAKERS IN SENSITIVE MEETINGS -
AI notetakers are rapidly becoming staples of corporate meetings—bringing efficiency alongside new questions about confidentiality and compliance. This tip...more
10/2/2025
/ Artificial Intelligence ,
Attorney-Client Privilege ,
Confidential Communications ,
Confidentiality Policies ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Legal Technology ,
Privacy Concerns ,
Risk Management
On August 7, 2025, Massachusetts Governor Maura Healey signed into law an Act Strengthening Healthcare Protections in the Commonwealth (the “Act”), which amends the state’s existing “Shield Law” protections for providers of...more
California continues to lead the way in data privacy standards as the latest regulatory updates from the California Privacy Protection Agency (“CPPA”) mark a significant step forward in safeguarding individual rights and data...more
Pursuant to a newly effective U.S. Department of Justice (DOJ) regulation, the transfer and storage of certain sensitive U.S. government and personal data may be prohibited or restricted, depending on the intended recipient,...more
6/11/2025
/ Data Privacy ,
Data Security ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Executive Orders ,
Financial Services Industry ,
Life Sciences ,
National Security ,
New Regulations ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements ,
Risk Management
On Friday, February 21, 2025, the United States District Court for the District of Maryland issued a preliminary injunction against key provisions of executive orders issued by President Trump that are aimed at curtailing the...more
President Trump’s Executive Orders targeting diversity, equity, and inclusion (“DEI”), discussed in previous client alerts with regard to higher education institutions and business more broadly, have prompted responses from...more
2/20/2025
/ Civil Rights Act ,
Colleges ,
Constitutional Challenges ,
Dear Colleague Letter ,
Department of Education ,
Diversity ,
Diversity and Inclusion Standards (D&I) ,
Equal Protection ,
Executive Orders ,
New Guidance ,
State Attorneys General ,
Title VI ,
Trump Administration ,
Universities
What should privacy and cybersecurity practitioners and specialists consider after the 2025 inauguration? There are a few notable issues that may shape how businesses think about their privacy and cybersecurity programs:...more
11/11/2024
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Protection ,
Election Results ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Intellectual Property Protection ,
Legislative Agendas ,
Members of Congress ,
Online Safety for Children ,
Presidential Elections ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws
The government had another busy year in 2023, investigating and prosecuting healthcare fraud cases on multiple fronts. Contending with the enormous healthcare crises of the now-concluded COVID-19 pandemic and the ongoing...more
7/3/2024
/ Anti-Corruption ,
BlackRock ,
Congressional Investigations & Hearings ,
Coronavirus/COVID-19 ,
Department of Justice (DOJ) ,
Educational Institutions ,
Enforcement ,
Enforcement Actions ,
Export Controls ,
False Claims Act (FCA) ,
Foreign Corrupt Practices Act (FCPA) ,
Fraud ,
Healthcare Fraud ,
Sanctions ,
Securities and Exchange Commission (SEC) ,
Tennessee
This is the fourth in our 2024 Year in Preview series examining important trends in white collar law and investigations in the coming year. We will be posting further installments in the series throughout the next several...more
2/27/2024
/ Board of Directors ,
Corporate Counsel ,
Corporate Governance ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement Actions ,
Final Rules ,
Insider Trading ,
Popular ,
Publicly-Traded Companies ,
Recordkeeping Requirements ,
Regulatory Agenda ,
Regulatory Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
Securities Regulation ,
Shareholders ,
Special Purpose Acquisition Companies (SPACs) ,
White Collar Crimes
Large companies holding sensitive data – including financial services, telecommunications, business process outsourcing, hospitality, and cryptocurrency firms – as well as their IT helpdesks, are increasingly being targeted...more
11/28/2023
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Collection ,
FBI ,
NIST ,
Popular ,
Publicly-Traded Companies ,
Ransomware ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Sensitive Business Information
Microsoft is one of the world’s leading technology companies. Its products and technologies are in offices, classrooms, and homes. Additionally, governments use them to help conduct vital public services.
Microsoft is also...more
8/16/2023
/ Artificial Intelligence ,
Banking Sector ,
Human Rights ,
Information Technology ,
Law Enforcement ,
Leadership ,
Machine Learning ,
Manufacturers ,
Microsoft ,
Popular ,
Private Equity ,
Retail Market ,
Risk Assessment ,
Risk Management ,
Supply Chain ,
Technology Sector ,
United Nations
On July 10, 2023, the European Commission (EC) adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF, or “Privacy Framework”), which establishes the Privacy Framework as an authorized mechanism...more
7/31/2023
/ Court of Justice of the European Union (CJEU) ,
Cross-Border Transactions ,
Cybersecurity Framework ,
Data Privacy ,
Data Protection ,
EU ,
EU Data Protection Laws ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Privacy Laws ,
Regulatory Agenda
On July 21, 2023, the White House announced that seven leading A.I. organizations (Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI) agreed on and committed to immediately implementing voluntary safeguards...more
On July 26, 2023, the Securities and Exchange Commission (SEC) adopted rules requiring disclosure of material cybersecurity incidents as well as periodic disclosure of cybersecurity risk, management, strategy, and governance...more
7/28/2023
/ Compliance ,
Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
New Rules ,
Proposed Rules ,
Publicly-Traded Companies ,
Regulation S-K ,
Reporting Requirements ,
Required Forms ,
Risk Management ,
Securities and Exchange Commission (SEC)
As we’ve written about before, the question of anonymization can be tricky. When is something “anonymized” or merely “de-identified” or “pseudonymous” — and when does it matter? This is a particularly fraught issue under...more
The International Association of Privacy Professionals held its annual Global Privacy Summit on April 4-5 in Washington, D.C. Here are some things we learned.
1. Generative Artificial Intelligence (“AI”) is Ubiquitous in the...more
4/13/2023
/ Artificial Intelligence ,
Corporate Governance ,
CPOs ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Information Technology ,
Internet ,
Machine Learning ,
Privacy Laws ,
Regulatory Requirements ,
Risk Management ,
Web Scraping
This is the eighth part in our 2023 series examining important trends in white collar law and investigations. Up next: anti-corruption.
The tumultuous crypto events of 2022, combined with the heightened agency and executive...more
3/1/2023
/ Blockchain ,
CFTC ,
Cryptocurrency ,
Department of Justice (DOJ) ,
Digital Currency ,
Enforcement Actions ,
Financial Markets ,
Legislative Agendas ,
Popular ,
Proposed Legislation ,
Regulatory Agenda ,
Regulatory Oversight ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Token Sales
With the adoption of new technology, including the quick and unexpected shift to virtual learning because of the COVID-19 pandemic, K-12 institutions are at an increased risk of cyberattacks and threats thereof. The rise in...more
Editors’ Note: How does ChatGPT fare in writing a law firm blog post? We asked ChatGPT to write one . . .
PROMPT: Write a 500 word blog post, in the style of a law firm blog post, on ChatGPT, focusing in particular on...more
When it comes to website privacy compliance, cookies have consistently presented the most fraught issues for U.S. businesses. This is especially true for those businesses that find themselves in a sometimes new or often...more
1/27/2023
/ Consumer Privacy Rights ,
Cookie Banners ,
Cookies ,
Corporate Counsel ,
Data Privacy ,
Data Protection ,
Enforcement ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Member State ,
Privacy Laws ,
UK ,
Websites
As many businesses prepare to renew their insurance policies, considerations of consumer privacy rights ought to be top of mind.
The Colorado Privacy Act -
Scope -
Foley Hoag has previously written about the Colorado...more
12/23/2022
/ Biometric Information ,
Consumer Privacy Rights ,
Cyber Insurance ,
Data Protection ,
Enforcement ,
Insurance Brokers ,
Insurance Industry ,
Popular ,
Privacy Laws ,
Proposed Legislation ,
Proposed Regulation ,
Renewal Options ,
Sensitive Personal Information
Google will spend the next three years with an independent compliance monitor scrutinizing its process for responding to warrants and other government data requests. This and other requirements are part of a settlement...more
11/15/2022
/ Compliance ,
Corporate Counsel ,
Corporate Integrity Agreement ,
Data Preservation ,
Data Retention ,
Department of Justice (DOJ) ,
Google ,
Regulatory Requirements ,
Search Warrant ,
Settlement ,
Stored Communications Act