Driven by Data: Auto Finance Trends Uncovered - Moving the Metal: The Auto Finance Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Early Days of the Trump Administration: Impact on the CFPB — The Consumer Finance Podcast
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Innovation in Second Requests: Data is Your Greatest Asset
Podcast: How Delaying Third Party Discovery Can End Up Costing You Dearly
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
The Presumption of Innocence Podcast: Episode 48 - Digital Boundaries: Fourth Amendment Protections in a Connected World
eDiscovery Needs Digital Forensics for a Mobile World
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
It's Time to Think About Data Mapping Differently
EEO-1 Filing After June 4: What to Do Now, and How to Prepare for Next Year - Employment Law This Week®
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
An Ounce of Prevention: Keys to Understanding and Preventing AI and Cybersecurity Risks
Calculating eDiscovery Costs: Tips from Brett Burney
State AG Pulse | Content moderation vs. free expression
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
If you are a compliance professional for a U.S.-based company, you have probably been told at some point that you have to worry about the General Data Protection Regulation (GDPR). Have you encountered one of these...more
In 2024, the CNIL stepped up its enforcement action, issuing 87 sanctions, 180 compliance orders and 64 reprimands. However, only 12 decisions were made public, thus complicating the exercise of making the regulator’s...more
The year 2025 is certain to be a watershed for social media legislation and litigation. As it continues to shape how we connect, share, and consume information, social media remains at the forefront of public discourse due to...more
While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process....more
Data minimization is a legal and operational necessity in today’s privacy landscape. There are now legal and operational curbs to the pervasive practice of keeping everything forever. With the rise of global frameworks like...more
A new decision by the United Kingdom’s high court says that even if you have cookie and marketing consent mechanisms that are sufficient for valid consent under privacy laws for the general public, they may not be enough for...more
AI algorithms are driven by data – lots and lots of data. One of the challenges associated with so much data driving AI algorithms is that at least some of that data may be sensitive individual personal data. In fact, the...more
Advancements in artificial intelligence and digitalization are changing the world of work at a rapid pace. In particular, when AI systems are used as workforce management tools, employers can automate a large number of tasks...more
As of this writing, the CAM4 security incident remains the largest data breach in history. The attack on the website exposed nearly 11 billion records, including users' names, email addresses, sexual orientations, chat...more
The EDPB released guidance last month to help companies understand their obligations when using newer tracking tools. These include pixels, URL tracking, IP-tracking, and the like. First, some background: an EU law that...more
Dutch data privacy officials recently imposed a staggering penalty on Uber – €290 million ($324 million) – for allegedly breaching the European Union’s comprehensive data privacy and security law. This groundbreaking fine is...more
Summary - In its judgement of 11 July 2024 (C-757/22), the European Court of Justice (‘ECJ’) ruled that the violation of a controller’s information obligations under Art. 12 and 13 GDPR, can be subject to a representative...more
In Part 1 of our series on Text-to-Speech AI Models (TTS Models), we highlighted questions that should be considered from an intellectual property perspective. In this Part 2, we provide a high-level overview of data...more
If you’re a data person, or even if you’re not, you may have heard the statistic cited by Eric Schmidt, executive chairman at Google: “There were 5 exabytes of information created between the dawn of civilization through...more
Introduction - We have compiled the main differences between the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing...more
Editor’s Note: During this webcast, industry leaders discussed using generative AI (GAI) in the legal and cybersecurity fields. The speakers, John Brewer, Anya Korolyov, Chris Wall, and Bernie Gabin, all experts in AI and...more
On March 7, 2024, the European Court of Justice (CJEU) issued a landmark ruling on digital advertising and the concepts of personal data and joint controllership under the General Data Protection Regulation (GDPR)....more
As employment-related artificial intelligence (“AI”) tools proliferate, multinational employers feel increasing pressure to deploy AI across their global offices. These tools can provide great value and efficiency across the...more
Each year, the CNIL selects key areas of high interest to concentrate its investigations and assess the compliance of select commercial sectors. On February 8, The CNIL announced its four main areas of focus for...more
On January 16, 2024, New Jersey became the first state to enact a comprehensive data privacy law in the new year, with Gov. Phil Murphy (D-NJ) signing the New Jersey Privacy Act (NJPA) (SB 332) into law. The New Jersey law...more
Following NOYB's filing of 101 complaints over continuous EU-U.S. data transfers by websites operators in the European Economic Area (EEA) in the post-Schrems II era, the Spanish Data Protection Agency (AEPD) issued its first...more
Following the publication of several press articles and employee complaints, the French data protection regulator (“CNIL”) carried out an investigation at the Amazon France Logistique’s (“Amazon”) warehouses. The CNIL's...more
In joined Cases C‑26/22 and C‑64/22, related to the German Credit Reference Agency Schufa (see A&O blog on the automated decision making case), the CJEU considered the retention of personal data regarding individuals who had...more
The European Council adopted the EU Data Act (the Act) on November 27, 2023, representing a major regulatory shift in cloud services and data processing. The Act’s objectives include ensuring fairness in the allocation of...more
A few weeks ago, on 24 September 2023, the Data Governance Act (Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance) (“DGA”) came into force. The DGA aims to...more