Tech Debt is Common. What does it mean for IPO readiness from a cybersecurity perspective?
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Podcast - Robots, Rights and New Tech: Balancing Innovation and Data Privacy
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 211: Cybersecurity and Privacy Risks for the Healthcare Industry with Brandon Robinson of Maynard Nexsen
Podcast - Discussing a DOJ Lawsuit Under the Civil-Fraud Initiative
Unveiling the Impact: How Georgia's Open Records Act Affects Private Businesses — Regulatory Oversight Podcast
Why Privacy is Your Secret Weapon Against Third-Party Risk
AI Discrimination and Emerging Best Practices – Part 1 — The Good Bot Podcast
How can founders navigate the explosion of state AI regulations?
#WorkforceWednesday®: New DOL Guidance - ERISA Plan Cybersecurity Update - Employment Law This Week®
What's the Tea in L&E? Can You Share An Employee's Medical Info?
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
AGG Talks: Women in Tech Law Podcast - Episode 4: Preparing for a Transaction? What Emerging Growth Companies Need to Know
The CMS Interoperability and Prior Authorization Rules
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
John Wick - What You Need To Know about the Corporate Transparency Act
Seeing into the Future: Moving Beyond AI to Visual Intelligence with Oculi CEO Charbel Rizk
Earlier this year, the Biden administration issued Executive Order (EO) 14117, which instructed the Department of Justice (DOJ) to create a framework that would prohibit certain data transactions. ...more
On October 22, 2024, the Consumer Financial Protection Bureau (CFPB) announced its long-awaited final rule on “Personal Financial Data Rights” (the Final Rule). The Final Rule implements Section 1033 of the Dodd-Frank Act,...more
On October 22, 2024, the Securities and Exchange Commission (“SEC”) charged four current or former publicly traded companies with disseminating materially misleading disclosures regarding cybersecurity risks and actual...more
Penn State recently agreed to pay $1.25 million to settle allegations of False Claims Act violations related to its cybersecurity controls after a whistleblower alleged that the university failed to adhere to cybersecurity...more
Continuing its controversial and aggressive approaches to cybersecurity, the U.S. Securities and Exchange Commission (SEC) recently charged four current and former public companies for purportedly “materially misleading...more
After a yearslong lead-up, the Consumer Financial Protection Bureau (CFPB) published its final “open banking” rule in October. The rule effectuates the section of the Consumer Financial Protection Act, which charged the CFPB...more
Proposed rule would create new prohibitions on transactions of sensitive personal data and government-related data - The Department of Justice (DOJ) has proposed a new rule aimed at preventing access of China and other...more
During an investigation, it is not uncommon to discover that an individual has forwarded business emails to their private email address. This ruling from the Higher Regional Court Munich shows the potential implications of...more
Signed into law at the beginning of 2024, colloquially known as the New Jersey Data Protection Act (NJDPA), N.J. Stat. § 56:8-166.4 et seq. will go into effect on January 15, 2025, as New Jersey joins eighteen other states...more
On October 22, 2024 the Consumer Financial Protection Bureau (CFPB) released the final version of the Personal Financial Data Rights Rule (that we reported about here). However, the CFPB did not rest there, two days later it...more
On October 16, 2024, the New York Department of Financial Services (NYDFS) issued an industry letter entitled “Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks” in response to...more
On October 24, the Austria, Berlin, Frankfurt, Hamburg, Leipzig, Luxembourg, Munich, Rhine-Ruhr, Stuttgart and Switzerland IAPP (formerly known as the International Association of Privacy Professionals) KnowledgeNet chapters...more
On 9 October 2024, the European Data Protection Board (EDPB) published its Opinion 22/2024, clarifying the responsibilities of controllers when relying on processors and sub-processors. This guidance emphasizes the importance...more
From access control to data retention, if you are trying implement a new enterprise collaboration or internal chat platform, your compliance team will have critical questions that must be addressed to avoid potential legal...more
The California Invasion of Privacy Act (“CIPA”) and the Massachusetts Wiretap Act (“MWA”) are state statutes which prohibit the unlawful recording of communications. As our readers can guess, CIPA and MWA originally were...more
On October 29, 2024, the Office of Contract Compliance Programs (“OFCCP”) published a notice in the Federal Register about a request for Type 2 Consolidated EEO-1 Reports (the “Consolidated Reports”) for 2021. (The request is...more
Swiss company Scandit AG created an application called ShelfView, which enables retailers to verify the prices of various products and ensure that associated promotions are correctly updated. The application utilizes barcode...more
The U.S. Department of Justice (“DOJ”) released a Notice of Proposed Rulemaking (“Proposed Rule”) on October 21 that would prohibit or restrict the transfer of certain data of U.S. persons to China and other countries of...more
On 10/23/24, the IRS released Notice IR-2024-278 to encourage all taxpayers to sign up for an IRS IP PIN (identity protection personal identification number) to safeguard their identity and help protect against tax-related...more
Keeping the season spooky for data brokers, the enforcement division of the California Privacy Protection Agency announced on October 30, 2024, that it is conducting a public investigative sweep of data broker registration...more
Unit 42 recently reported that it has identified “Jumpy Pisces, a North Korean state-sponsored threat group associated with the Reconnaissance General Bureau of the Korean People’s Army, as a key player in a recent ransomware...more
The shared Safe Software Deployment guidance calls software manufacturers to implement safe software development programs supported by verified processes including robust testing, rollout, and feedback loops....more
Sixteen data protection authorities recently confirmed that controllers must protect their properties from web scraping. And that includes web scraping for the purpose of training AI....more
On October 22, 2024, the Consumer Financial Protection Bureau (CFPB) released its long-awaited final rule implementing Section 1033 of the Consumer Financial Protection Act (CFPA) concerning personal financial data rights....more
Most consumers are aware that their personal data is collected, compiled, analyzed, and sold to third parties for marketing and other purposes. Many employees may not know of similar data collection practices relating to...more