We get AI for work™: Analyzing "Brewer v. Otter.ai" — A Case Study of the Legal Risks of AI Note Takers
We get Privacy for work — Episode 13: Demystifying Data Mining
We get AI for work™: New Efforts to Ensure a National AI Policy
The Compliance 911 Show
The Privacy Insider Podcast Episode 22: The Data Privacy of the Dead & Critiquing the Digital Divine with Carl Öhman of Uppsala University
No Password Required: CISO at RSA and Champion of a Passwordless Future
From Diligence to Post-Closing: What’s Shifting in 2026 Health Care Transactions
Point-of-Sale Finance Series: Health Care Financing Compliance, Regulatory, and Privacy Pitfalls — Payments Pros – The Payments Law Podcast
Point-of-Sale Finance Series: Health Care Financing Compliance, Regulatory, and Privacy Pitfalls — The Consumer Finance Podcast
From Showroom to Server Room: AI in Auto Finance — Moving the Metal: The Auto Finance Podcast
Navigating Employee Data Responsibly: What’s the Tea in L&E?
AI, Algorithms, and Accountability: Unpacking the Colorado AI Act with Senator Rodriguez — Regulatory Oversight Podcast
Navigate the Money Matrix in Our Upcoming Series: Privacy, Security, and AI Explained — The Consumer Finance Podcast
No Password Required: Virtual CISO at Trace3 and Roller Derby Penalty Box Visitor
Block & Order | Building on Layer 1 with Jennie Levin: Algorand, Policy Shifts & Tokenization’s Future
The Privacy Insider Podcast Episode 21: What Businesses Get Wrong About Regulators and How to Fix Privacy Fast
12 Days of Regulatory Insights: Day 11 – FTC Enforcement Trends in a New Age — Regulatory Oversight Podcast
Listen: Digital Doppelgangers: Navigating AI and Likeness Rights
12 Days of Regulatory Insights: Day 8 – How State AGs Are Rewriting Social Media Rules — Regulatory Oversight Podcast
We get AI for work™: Is your Tool really AI?
The wave of California Invasion of Privacy Act (CIPA) Section 638.51 cases (i.e., pen register or trap-and-trace claims) against companies using web tracking technologies such as Meta and TikTok pixels shows no sign of...more
Little known legal fact: the general rule is a parent or subsidiary cannot enforce an arbitration provision in the name of a related entity. That quirk hung Hello Fresh in a recent effort to enforce an arbitration provision...more
New York Governor Kathy Hochul announced plans to launch a new office to oversee the implementation and enforcement of New York’s artificial intelligence (AI) and digital technology laws as part of a series of recent...more
The Q1 and Q3 Life Science and Health Care Law Update covers key trends in the EU only while the other reports (on Q2 and Q4) cover key trends in the EU as well as in the Big Five (France, Germany, Italy, Spain, UK) in life...more
On January 30, 2026, the Appellate Court of Illinois affirmed summary judgment in Salinas v. Arthur Schuman Midwest, LLC, in favor of staffing agencies accused of Biometric Information Privacy Act (BIPA) violations, holding...more
Unless your medical practice “creates or maintains” substance use disorder (SUD) records covered by federal law (42 CFR Part 2), you can ignore the barrage of panic-inducing emails you have been receiving informing you that...more
Just two weeks ago, I wrote on this blog about how sometimes, it takes the law a while to catch up to technology. Specifically, I wrote about a case that held that flying a drone over your spouse’s home and remotely accessing...more
A new wave of litigation under the Illinois Biometric Information Privacy Act (BIPA) has emerged, zeroing in on a technology many employers now routinely use: AI-powered meeting transcription and note-taking tools. In...more
Employers often run background checks as a regular part of the hiring process to evaluate candidates. However, in Pennsylvania, employers must consider their legal obligations under the Criminal History Record Information Act...more
The Digital Download provides a quarterly snapshot of emerging issues at the intersection of privacy, cybersecurity, and data strategy. It brings together Alston & Bird’s thought leadership, publications, events, and firm...more
Many Title IX coordinators, directors of disability services, and conduct officers serve on Behavioral Intervention Teams (BITs) or Threat Assessment Teams (TATs), and their roles bring valuable perspectives. Sometimes, their...more
Cybersecurity is no longer just an IT or privacy issue. For FDA regulated companies, it’s a patient safety issue, a product quality issue, and increasingly a regulatory enforcement issue. FDA has made it clear that...more
On February 5, 2026, the National Institute of Standards and Technology (“NIST”) released a concept paper, “Accelerating the Adoption of Software and Artificial Intelligence Agent Identity and Authorization.” The paper...more
Welcome to your weekly update from the A&O Shearman Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. Data (use and access) act—requirements for complaints process...more
Reproductive health privacy rule vacated. On June 18, 2025, the U.S. District Court for the Northern District of Texas vacated the HIPAA Privacy Rule to Support Reproductive Health Care Privacy Final Rule (Privacy Rule)....more
From virtual meetings to security cameras and smartphones, or even AI glasses and recordings, employees are finding new and novel ways to capture workplace discussions and settings more easily....more
Across organizations, legal, compliance, privacy, finance, and IT teams are being asked to adopt AI tools such as Microsoft 365® Copilot—often driven by executive mandates, but without clearly defined and measurable...more
On December 26 2025, the Cyberspace Administration of China (CAC) issued the Measures for the Classification of Online Information that may Affect the Physical and Mental Health of Minors (the Measures). The Measures clarify...more
OCR is increasing enforcement around parental access to minors’ health information, emphasizing that parents are generally entitled to access their child’s PHI under HIPAA....more
In October 2023, California passed the Delete Act, which, in addition to requiring data brokers to register with the state, directed Cal Privacy (f/k/a the California Privacy Protection Agency or CPPA) to create a data...more
A sharp contrast in the speed of obtaining appellate review is emerging between two key privacy statutes. While the U.S. Supreme Court is set to resolve a circuit split over the Video Privacy Protection Act (VPPA), litigants...more
California Attorney General Rob Bonta announced a sweep concerning so-called “surveillance pricing” or “algorithmic pricing” The AG highlights potential CCPA privacy violations tied to the use of individualized pricing models...more
The Federal Trade Commission (FTC) announced it sent warning letters to 13 data brokers on February 9, 2026, cautioning them of requirements under the Protecting Americans’ Data from Foreign Adversaries Act (PADFA) and urging...more
The longevity ecosystem sits at the crossroads of health care, life sciences, consumer wellness, artificial intelligence (AI), and other emerging technologies....more
Deepfakes can be created and used for many purposes. If properly revealed as a deepfake and the creation does not otherwise violate applicable law, the existence of the deepfake does not generally raise a red flag concern to...more
