We get Privacy for work — Episode 12: Managing Competing Priorities: Data Breach Notification Laws and Trade Secrets
No Password Required: Founder of ThreatLocker and the Zero-Trust Revolution
Strategies for Mitigating Data Center Development Delays - Data Centers Series
The Impact of the 2024 CrowdStrike Incident on Cyber Insurance
Agentic AI is Knocking on your Company’s Door: Are you Prepared to Deploy It?
Cybersecurity Awareness Month 2025: Legal Risks, Data360, and Practical Strategies
HIPAA vs. HR - Where Privacy Meets Employment: What's the Tea in L&E?
The Modern Discovery Traps that Are Upending Cases
The New Wave of Web Tracking Litigation: Wiretap Statutes, VPPA Risk, and Consent Strategies — The Consumer Finance Podcast
42 CFR Part 2 Final Rule: What’s Changing and What Do You Need to Know? – Diagnosing Health Care Video Podcast
Podcast - Operationalizing Data Protection: Build Trust, Not Just Compliance
No Password Required: Building Trust at Intel and the Poker Table
LathamTECH in Focus: The EU Data Act: A Digital Game-Changer
The "Lesser-Included" Email Debate: What Does Rule 34 Really Require for Production?
We get Privacy for work — Episode 11: Beyond the Checkbox: Engaging Your Workforce in Privacy and Data Security Training
Dinsmore's Herb Stapleton Discusses Reducing Cybercrime Risk
Top Employment Insights: 44th Annual Workforce Management Briefing - #WorkforceWednesday® - Employment Law This Week®
Dinsmore's Herb Stapleton Appears at CNBC AI Summit
The Privacy Insider Podcast Episode 19: Where Tabletop Games Meet the Future of Privacy with Dr. Tehilla Shwartz Altschuler of the Israel Democracy Institute
We get Privacy for work — Episode 10: Employee Monitoring Tools: Too Good to be True?
As of December 15, 2025, the U.S. Department of State (DOS) will officially begin enhanced screening and vetting of those applying for an H-1B or H-4 visa at a U.S. Embassy or Consulate abroad by reviewing the social media...more
The federal Stored Communications Act (SCA) protects the privacy of personal emails and social media accounts that employees may access with company-owned devices. It provides for both civil and potentially criminal penalties...more
On 19 November 2025, the European Commission published the long-awaited Digital Omnibus, an initiative to streamline and update key pillars of the EU's digital legal framework – especially the Data Act, the General Data...more
During the holiday season, online shopping sites advertise big sales to draw consumers onto their sites. Distracted by low prices and expedited shipping times, shoppers often forget to take a moment to think about security....more
As legal teams prepare for discovery, the scope of electronically stored information (ESI) continues to expand, and so does the complexity of data collection. Traditional sources like email and shared drives are now joined by...more
Starting August 1, 2026, registered data brokers will need to access California’s new one-stop-shop deletion platform to process deletion requests or risk significant fines. Last month the California Office of...more
In recent years, it has become increasingly common for plaintiffs to sue anonymously—while at the same time identifying the defendant(s) by name as well as their alleged acts often in lurid and excruciating detail. A...more
The Dutch Data Protection Authority recently updated its cookie banner guidance. This comes after the agency, the Autoriteit Persoonsgegevens (or AP), promoted a goal earlier this year to monitor 500 websites a year to ensure...more
As always, the initial step is to determine if your company must comply with the California Consumer Privacy Act (“CCPA”). If the answer is no, then you can stop reading. If it is yes, then the following sections cover the...more
Technology is making it easier by the day for “fake people” or real people using fake identifications to apply, interview, get hired, and even work for employers. Sometimes these individuals are referred to as “ghost...more
AI is changing the game in patient care. From wearable sensors that track vitals to predictive alerts that flag early signs of deterioration, these tools are helping clinicians intervene faster and smarter. But here’s the...more
The cross-border transfer of personal information (hereinafter referred to as “PI,” and such transfers as “PI export”) is a routine and often essential part of business operations for companies in China—particularly...more
A California federal court recently handed healthcare businesses another victory in the ongoing wave of privacy lawsuits targeting website analytics and tracking tools. A California federal judge ruled on November 21 that...more
A very important tool in thwarting TCPA class action is the arbitration clause. While attorneys are very familiar with these clauses– and their importance–I find many business leads do not really understand why they matter....more
On November 19, 2025, the European Commission published a package of legislative proposals known as the "Digital Omnibus." Designed to introduce flexibility into the EU's digital regulatory framework, the proposal aims to...more
So lots of action around the Texas registration statute. Did I say action? I meant confusion. Here’s what we know: Texas law requires telemarketers to register with the state if they “call” into the state per Section 302 of...more
The United States District Court for the Central District of California denied class certification for Plaintiff’s proposed Do-Not-Call class, finding that Plaintiff’s circumstantial evidence regarding lack of consent failed...more
This article explores how AI is allowing rights holders and sponsors to deploy innovative solutions to engage with their audiences, and how innovation in this space also raises new commercial and legal questions around data...more
In the current interconnected health research ecosystem, comprehensive and secure access to health data is key to accelerate drug discovery and improve patient outcomes. ...more
The worlds of local government and cybersecurity have officially collided. Recently implemented Ohio House Bill 96 requires every county, township, municipality and school district to adopt a formal cybersecurity program. As...more
Welcome to this month’s issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice....more
Spanish data protection authority, AEPD, imposes 10 Million EUR fine on a company, AENA for deploying a facial recognition system without an adequate DPIA. What does this mean for companies subject to US laws? The decision...more
What Is the Digital Omnibus Regulation Proposal? Maybe you’ve heard–the EU has a bit of a reputation for excessive regulation. That’s doubly true for digital space. Between the GDPR, ePrivacy Directive, EU AI Act, DMA,...more
Generative artificial intelligence is moving from experimental pilot projects into enterprise-wide deployment at an unprecedented pace. Yet as companies accelerate adoption, regulatory bodies in the United States and abroad...more
A recent settlement with an education service provider and three states – California, Connecticut, and New York – serves as a reminder to deactivate the credentials of departed employees. The case arose following a data...more
