State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Bridging the Gap: How CivicReach is Revolutionizing Government Customer Service
The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
"Monsters Inc." y el tratamiento de los datos
The American Privacy Right Act (APRA) explained
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
Navigating State Privacy Laws
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Are You Ready to Comply With New State Data Privacy Laws?
Embracing Data Privacy to Drive Business Growth: On Record PR
Data Dividend: What is Personal Data Worth?
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
State AG Pulse | CT AG Reacts to Genetic Data Breach
Episode 293 -- Catching Up with California and Other State Privacy Laws
Data subject access requests (DSARs), or subject rights requests (SRRs), are evolving. Whether your organization is based out of the EU, the US, or elsewhere in the world, consumers’ awareness and expectations are...more
On May 9, the California Privacy Protection Agency (CPPA) announced it opened the formal public comment period for its proposed regulations concerning updates to the California Consumer Privacy Act. The proposed rules would...more
Effective July 1, 2025, Tennessee enters the national privacy conversation with the Tennessee Information Protection Act (TIPA), becoming the latest state to enact a comprehensive consumer data privacy law. However, this...more
On May 8, Montana Governor Greg Gianforte signed into law Senate Bill 297 (SB 297), a bill that significantly revises the existing Montana Consumer Data Privacy Act (MCDPA). Although the MCDPA took effect on October 1, 2024,...more
While Andrew Ferguson advocates for a restrained regulatory approach at the FTC, his statements and voting record reveal clear priority areas where businesses can expect continued vigorous enforcement. Two areas stand out in...more
Below, we catalog certain current state laws regulating the development and use of AI systems and technologies passed between 2019 and 2025. This list focuses on legislative initiatives that have passed and are in effect or...more
In this crossover episode of The Consumer Finance Podcast and Regulatory Oversight, Chris Willis, Kim Phan, and Stephen Piepgrass provide insights on a new joint privacy task force among several state AGs, known as the...more
On May 1, 2025, the California Privacy Protection Agency (CPPA) announced a major overhaul of its draft California Consumer Privacy Act (CCPA) regulations on automated decision-making, cybersecurity audits, risk assessments,...more
On May 1, the California Privacy Protection Agency (CPPA) Board held a meeting to discuss proposed amendments to the CPPA draft regulations on cybersecurity audits, risk assessments and automated decision-making technology...more
Montana’s governor signed Senate Bill 297 to overhaul key portions of the state’s Consumer Data Privacy Act and bring new protections for minors. The changes bring lower thresholds, updated exemptions, expanded notice...more
On May 1, 2025, the California Privacy Protection Agency (“CPPA”) Board convened to discuss revisions to the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automatic...more
The California Privacy Protection Agency (“CPPA”) Board released newly modified draft regulations addressing automated decision-making technology (“ADMT”), risk assessments, and cybersecurity audits under the California...more
Colorado was the third state in the U.S. to pass comprehensive privacy legislation, following in the footsteps of California and Virginia (the Colorado Privacy Act (the “CPA”). Now Colorado is increasing protections again,...more
On April 16, regulators from California, Colorado, Connecticut, Delaware, Indiana, New Jersey, and Oregon announced the creation of the Consortium of Privacy Regulators, a new collaborative effort focused on the...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
The NAIC’s privacy protections and cybersecurity working groups have continued their building efforts....more
In a letter dated April 28, 2025, a group of US senators urged Federal Trade Commission (FTC) Chair Andrew Ferguson to examine and address the privacy risks associated with the growing market for consumer devices capable of...more
Businesses need to remain vigilant regarding recent developments in consumer-based data privacy class actions. In recent weeks, the plaintiff class action bar has filed several lawsuits against The Trade Desk Inc. related to...more
Welcome to Wiley’s update on recent developments and what’s next in consumer protection at the Consumer Financial Protection Bureau (CFPB), Federal Trade Commission (FTC), and at the state level. CFPB activity continues to be...more
If you are a compliance professional for a U.S.-based company, you have probably been told at some point that you have to worry about the General Data Protection Regulation (GDPR). Have you encountered one of these...more
While March featured a flurry of newly introduced comprehensive privacy bills, state legislatures now appear to be primarily focused on pushing existing proposals through the chambers. ...more
After years of proposed state privacy legislation, Massachusetts lawmakers are poised to once again consider enacting a comprehensive state consumer privacy law in the Commonwealth this legislative session. At a hearing of...more
The states bounced back from a somewhat quiet previous biweekly update with several noteworthy developments in the last two weeks. A total of five new state comprehensive privacy bills were introduced in Maine (LD 1224),...more
El pasado 20 de marzo de 2025 se publicó la nueva Ley Federal de Protección de Datos Personales en Posesión de los Particulares (“LFPDPPP”) que entró en vigor el 21 de marzo del presente año y que contiene importantes cambios...more
Whether you are swamped by a deluge of subject rights requests or just want more time to spend on strategic work, managing SRRs effectively is a highly sought-after goal — one that's seldom achieved. Between parsing...more