Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Bridging the Gap: How CivicReach is Revolutionizing Government Customer Service
The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
"Monsters Inc." y el tratamiento de los datos
The American Privacy Right Act (APRA) explained
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
Navigating State Privacy Laws
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Are You Ready to Comply With New State Data Privacy Laws?
Embracing Data Privacy to Drive Business Growth: On Record PR
Data Dividend: What is Personal Data Worth?
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
State AG Pulse | CT AG Reacts to Genetic Data Breach
Episode 293 -- Catching Up with California and Other State Privacy Laws
CFPB's Rulemaking Under the FCRA (Part 3) – Crossover Episode With The Consumer Finance Podcast
23andMe’s recent Chapter 11 bankruptcy filing has sparked significant concerns over the privacy and security of genetic data belonging to its 15 million customers. Founded in 2006, 23andMe built its business around...more
In 2024, state attorneys general (State AGs) focused on a broad variety of areas and industries including, in particular, emerging industries such as artificial intelligence (AI) and privacy and social media protections....more
On March 1, New York State Attorney General Letitia James filed a complaint in the Supreme Court of the State of New York against a group of insurance companies and a parent corporation. The complaint alleged these companies...more
Privacy litigation has taken California (and the country) by storm. In the past twenty-four months, the focus of privacy litigation has shifted from data breaches to data use, and the number of class actions filed grows by...more
In data breach litigation, courts generally find plaintiffs have standing such that their complaints may proceed past the pleading stage when it is alleged that sensitive information was impacted and there is an allegation of...more
Last week, two separate class actions were filed in the federal district court for the Southern District of Texas against DISA Global Solutions (DISA), a third-party employment screening services provider, related to an April...more
The growing prevalence of data breaches has led to an uptick in class action litigation based on consumers' personal information allegedly being accessed. A common theme emerging in these lawsuits is plaintiffs claiming that...more
The Department of Government Efficiency’s (DOGE) staggering unfettered access to all Americans’ personal information is highly concerning. DOGE employees’ access includes databases at the Office of Personnel Management, the...more
Publications & Advisories - January 31, 2025 – Kathleen Benway, Maki DePalo, Jennifer Everett, and Hyun Jai Oh published “Privacy, Cyber & Data Strategy Advisory | FTC Finalizes Amendments to COPPA Rule.”...more
Marriott has agreed to pay $52 million dollars and implement new consumer data protections to settle investigations by attorneys general from 49 states and the Federal Trade Commission, following data breaches that occurred...more
On Jan. 24, the Illinois Supreme Court, in Petta v. Christie Business Holdings Company, PC, affirmed the dismissal of a putative class action following an alleged data breach because the named plaintiff failed to allege any...more
Ethical hackers identified an arbitrary account takeover flaw in the administrator portal for Subaru’s Starlink service, which could allow a threat actor to hijack a vehicle through a Subaru employee account. This...more
MGM Resorts agreed to pay $45 million to settle over a dozen class action lawsuits concerning 2019 and 2023 data breaches. A federal court in Nevada preliminarily approved the settlement, which, according to lawyers, covers...more
On January 24, 2025, the Illinois Supreme Court ruled in Petta v. Christie Business Holding Co., P.C., 2025 IL 130337, that a patient who alleged an increased risk of harm arising from a data breach at a medical clinic did...more
Tomorrow is International Data Privacy Day, so a happy day to all! More seriously, data privacy concerns and legislation continue to rapidly increase. It has been estimated that by the end of 2024 more than 75 percent of...more
The Federal Trade Commission (FTC) issued a proposed settlement order against GoDaddy alleging that it “has failed to implement reasonable and appropriate security measures to protect and monitor its website-hosting...more
It is hard to believe that another year is upon us! As we have done in years past (including 2023, 2022, 2021, 2020, 2019 and 2018), we have created a comprehensive resource of all our www.eyeonprivacy.com posts from 2024. As...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
On December 21, 2024, while many Americans were busy signing holiday cards and exchanging gifts, New York Governor Kathy Hochul was signing six significant pieces of legislation aimed at enhancing online safety and...more
It’s no longer good enough for your business to have a reactive approach to consumer privacy – you need a proactive strategy to manage compliance, foster consumer trust, and stay competitive in this modern era. While many...more
The US privacy legal landscape continues to expand in 2024, with most of the momentum led by state laws. ...more
Enforcement of data privacy laws across the US is in full force. Most recently, Marriott agreed to a $52 million settlement payment to 50 states, including $3.5 million to the State of Texas, following a data breach of 131...more
How's life as a data privacy professional? Are you thriving? Are you even surviving? Most privacy pros we know work hard to keep up with the latest regulations, an increasing volume of DSAR requests, and where data resides in...more
Actions in the last six months of the Brazilian National Data Protection Authority (“ANPD”) suggest that it intends to aggressively enforce the Brazilian Data Protection Law (“LGPD”). The LGPD applies to any entity that...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more