No Password Required: CEO of HACKERverse.ai, Disruptor of Cybersecurity Sales and Most Other Things
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
The FinReg Frontier: AI and Machine Learning in Consumer Finance — The Consumer Finance Podcast
#WorkforceWednesday®: Artificial Intelligence Regulations for Employers - Employment Law This Week®
Dialing In: The TCPA and Auto Finance — Moving the Metal: The Auto Finance Podcast
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
The Privacy Insider Podcast Episode 12: Compliance Is Good Business: Getting Beyond Fines with Tom Fox of Compliance Podcast Network
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Navigating 2025: Federal Legislative and Regulatory Updates on Stablecoins and Decentralized Finance — The Crypto Exchange Podcast
DOJ Addresses AI in Corporate Compliance Programs — The Good Bot Podcast
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — Hiring to Firing Podcast
FINCast Ep. 40 – 21st Century Financial Warfare: Technology, Economy, & National Security
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
AGG Talks: Women in Tech Law Podcast - Episode 6: Navigating the Legal Landscape of Venture Capital: Key Considerations for Startups
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
Health Insurance Portability and Accountability Act (HIPAA)-covered entities and business associates should be familiar with restrictions on the use or disclosure of protected health information (PHI) under HIPAA rules....more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Virginia Governor Signs Bill Restricting Minor’s Use of Social...more
On May 1, 2025, the California Privacy Protection Agency (CPPA) announced a major overhaul of its draft California Consumer Privacy Act (CCPA) regulations on automated decision-making, cybersecurity audits, risk assessments,...more
Last week, the Second Circuit, in Solomon v. Flipps Media, Inc., joined the Third and Ninth Circuits in holding that “personally identifiable information” (PII) under the Video Privacy Protection Act (VPPA) is limited to...more
As cyber threats become increasingly sophisticated, traditional security models that rely on perimeter defenses are no longer sufficient. Zero Trust Architecture (ZTA) offers a modern approach to security that assumes no user...more
AI is transforming the life sciences industry by accelerating drug discovery and personalizing patient care. But as companies increasingly rely on AI to process genetic, biometric, and other types of health data, they must...more
California continues to police artificial intelligence (“AI”) in the workplace. Following proposed rulemaking on the use of AI for significant employment decisions, Assemblymember Isaac Bryan introduced Assembly Bill 1221...more
On April 11, 2025, the Department of Justice’s (DOJ) National Security Division (NSD) released an Implementation and Enforcement Policy, a Compliance Guide, and a list of over 100 Frequently Asked Questions (FAQs) to help...more
Businesses increasingly rely on AI and generative AI for myriad uses. A new body of “AI law” is forming—and some legal requirements are now live. AI governance is a mandatory compliance function right now rather than next...more
Montana has now become the third state in the US, following Colorado and California, to enact a privacy law that specifically protects neural data – that is, data collected from activity of the central or peripheral nervous...more
As neurotechnology advances and brain-reading devices enter consumer, workplace, educational and healthcare markets, state lawmakers are moving swiftly to address the privacy and ethical concerns these technologies raise....more
The FBI is warning employers about increasing security risks from fraudulent job applications, resulting in hackers infiltrating companies and gaining access to sensitive data. To protect against these risks, employers should...more
On May 1, the California Privacy Protection Agency (CPPA) Board held a meeting to discuss proposed amendments to the CPPA draft regulations on cybersecurity audits, risk assessments and automated decision-making technology...more
The California Privacy Protection Agency (CPPA) recently fined clothing retailer Todd Snyder almost $350,000 for two types of consumer privacy errors. Due to technical errors during a 40-day period, it was impossible for Todd...more
When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more
On May 6, the California Privacy Protection Agency (CPPA) announced a settlement with Todd Snyder, Inc. over allegations that the men’s retail brand violated CCPA rules on submission and fulfillment of privacy rights...more
The Commonwealth of Pennsylvania is re-joining the U.S. state privacy law race. State Rep. Edward Neilson recently proposed H.B 78, which features all the normal trappings of a state privacy law with a very low...more
The California Privacy Protection Agency (“CPPA”) has made it abundantly clear: privacy compliance isn’t just about publishing the right disclosures – it’s about whether your systems actually work. On May 6, the agency fined...more
As artificial intelligence continues to reshape industries, understanding the evolving regulatory landscape is more critical than ever. Our new APAC AI Watch series offers in-depth analysis of key legal developments across...more
During the 2024 legislative session, the Colorado General Assembly passed Senate Bill 24-205, which is known as the Colorado Artificial Intelligence Act (CAIA). This law will take effect on February 1, 2026, and requires...more
A month has passed since the Department of Justice (DOJ) National Security Division’s (NSD) issued its Final Rule prohibiting certain transactions involving US government data and Americans’ bulk sensitive personal data....more
On April 22, 2025, Laura D’Allaird, Chief of the SEC’s Cyber and Emerging Technologies Unit (CETU), participated in the Incident Response Forum Masterclass 2025 (Incident Response Masterclass). In the session, titled “SEC...more
After a male university student told his mother and girlfriend that a male coach was rumored to be having sex with one of his female players, the mother reported the rumor to the university. The university conducted a Title...more
The Belgian Data Protection Authority recently ruled that a Belgian government entity, FPS Finance, cannot transfer the personal data of “accidental Americans” to the IRS. According to the decision, the transfers needed to...more
After a relatively slow start to 2025, the California Privacy Protection Agency (CPPA) is firing on all cylinders now. In recent weeks, the CPPA (i) revised the proposed Delete Request and Opt-out Platform (DROP) regulations...more