State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Bridging the Gap: How CivicReach is Revolutionizing Government Customer Service
The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
"Monsters Inc." y el tratamiento de los datos
The American Privacy Right Act (APRA) explained
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
Navigating State Privacy Laws
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Are You Ready to Comply With New State Data Privacy Laws?
Embracing Data Privacy to Drive Business Growth: On Record PR
Data Dividend: What is Personal Data Worth?
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
State AG Pulse | CT AG Reacts to Genetic Data Breach
Episode 293 -- Catching Up with California and Other State Privacy Laws
While Andrew Ferguson advocates for a restrained regulatory approach at the FTC, his statements and voting record reveal clear priority areas where businesses can expect continued vigorous enforcement. Two areas stand out in...more
In a significant enforcement move, California’s consumer privacy regulator just ordered a national clothing retailer to pay a $345,178 fine to resolve alleged violations of the state’s privacy law. The California Privacy...more
On May 9, 2025, the Texas Attorney General Ken Paxton announced a $1.375 billion settlement with Google—by far the largest state-level privacy settlement reached against Google to date. The settlement resolves lawsuits filed...more
The California Privacy Protection Agency (CPPA) recently fined clothing retailer Todd Snyder almost $350,000 for two types of consumer privacy errors. Due to technical errors during a 40-day period, it was impossible for Todd...more
The Commonwealth of Pennsylvania is re-joining the U.S. state privacy law race. State Rep. Edward Neilson recently proposed H.B 78, which features all the normal trappings of a state privacy law with a very low...more
Montana’s governor signed Senate Bill 297 to overhaul key portions of the state’s Consumer Data Privacy Act and bring new protections for minors. The changes bring lower thresholds, updated exemptions, expanded notice...more
Businesses are constantly seeking innovative ways to improve their customers’ experiences. Originally published in Law360 - February 10, 2025....more
While uncertainty continued to loom over the CFPB, the states did not take a spring break. Instead, we saw an eye-popping settlement from NY DFS involving BSA/AML claims. And both republican and democratic AGs continued to...more
Colorado was the third state in the U.S. to pass comprehensive privacy legislation, following in the footsteps of California and Virginia (the Colorado Privacy Act (the “CPA”). Now Colorado is increasing protections again,...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
On April 21, 2025, the Oregon Department of Justice’s Privacy Unit reported a “big spike” in complaints about the Department of Government Efficiency (DOGE) in the first quarter of 2025....more
In a letter dated April 28, 2025, a group of US senators urged Federal Trade Commission (FTC) Chair Andrew Ferguson to examine and address the privacy risks associated with the growing market for consumer devices capable of...more
Businesses just received some good news when a federal court dismissed a California Invasion of Privacy Act (CIPA) claim that aimed to expand the reach of the state’s wiretapping law to cover internet communications. The...more
As we navigate the complex landscape of technology and its impact on society, considering how our digital interactions shape our identities and communities is crucial. The shift towards virtual third spaces—like social media...more
If you are a compliance professional for a U.S.-based company, you have probably been told at some point that you have to worry about the General Data Protection Regulation (GDPR). Have you encountered one of these...more
Topics that we often discuss on this blog are the use of third-party tracking tools and the California Invasion of Privacy Act (“CIPA”). Less discussed of late, however, is the California Consumer Privacy Act (“CCPA”) which,...more
Consumers have been trading their DNA for a personal genetic history lesson with 23andMe since 2007. The company has since become extremely popular and has collected a trove of genetic information relating to more than 14...more
After years of proposed state privacy legislation, Massachusetts lawmakers are poised to once again consider enacting a comprehensive state consumer privacy law in the Commonwealth this legislative session. At a hearing of...more
In two recent rulings, judges in the U.S. Northern District of California have allowed proposed class actions under the California Consumer Privacy Act (CCPA) to proceed without an allegation of a data breach, departing from...more
As Oregon’s data privacy landscape continues to evolve, nonprofits must take note: the Oregon Consumer Privacy Act (OCPA) will apply to nonprofit organizations beginning on July 1, 2025. The grace period granted to nonprofits...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff – someone who visits websites for purposes of initiating litigation – cannot bring a claim under the California Invasion of Privacy...more
Businesses operating across the U.S. should pay close attention to the rapidly evolving consumer privacy landscape. To date, 20 states, including Oregon, have enacted comprehensive consumer privacy laws, with 14 already in...more
As the privacy litigation landscape continues to take shape, search bars have quietly become a Trojan horse in online data collection, carrying new legal theories into the California Invasion of Privacy Act (CIPA) arena. The...more
As noted in our last two client alerts, the issue as to who should be the watchdog to protect consumer personal data is coming to a head in the chapter 11 bankruptcy cases of 23andMe Holding Co and its affiliated debtors...more
23andMe, a pioneer in the DNA testing kit industry, announced that it has filed for Chapter 11 bankruptcy protection and recently asked to select an independent customer data representative regarding any sale of user data....more