Tenant Tales and Reseller Realities: Inside the FCRA Arena With Eric Ellman — FCRA Focus Podcast
Early Returns Podcast - Oliver Roberts: AI and the Law, and an Education
Driven by Data: Auto Finance Trends Uncovered - Moving the Metal: The Auto Finance Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Early Days of the Trump Administration: Impact on the CFPB — The Consumer Finance Podcast
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Innovation in Second Requests: Data is Your Greatest Asset
Podcast: How Delaying Third Party Discovery Can End Up Costing You Dearly
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
The Presumption of Innocence Podcast: Episode 48 - Digital Boundaries: Fourth Amendment Protections in a Connected World
eDiscovery Needs Digital Forensics for a Mobile World
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
It's Time to Think About Data Mapping Differently
EEO-1 Filing After June 4: What to Do Now, and How to Prepare for Next Year - Employment Law This Week®
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
An Ounce of Prevention: Keys to Understanding and Preventing AI and Cybersecurity Risks
Calculating eDiscovery Costs: Tips from Brett Burney
The European Commission has adopted a Delegated Act under Article 40 of the DSA, creating a new framework for vetted researchers to access non-public data from Very Large Online Platforms and Very Large Search Engines. This...more
The US “comprehensive” law landscape continues to expand, with two more states—Tennessee (July 1) and Minnesota (July 31) —joining the “comprehensive” privacy law club. Five of these -Delaware, Iowa, Nebraska, New Hampshire,...more
The UK Financial Conduct Authority (FCA) has published final policy statement PS25/7, alongside an updated webpage, on data decommissioning. Following the FCA's consultation in April, it has proceeded with: - Removing the...more
In a significant move, on June 27, 2025 the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued an order granting banks and their subsidiaries an exemption from the Customer Identification...more
A recent and far-reaching decision by the Italian Data Protection Authority (Garante) has significantly altered the rules governing marketing privacy consent in Italy, introducing a potential obligation to adopt a double...more
On June 22, 2025, Texas became the latest state to enact comprehensive AI legislation with a uniquely Texan twist through the passage of the Texas Responsible Artificial Intelligence Governance Act....more
New York’s Child Data Protection Act (NYCDPA) has gone into effect, introducing sweeping new requirements for businesses that collect personal data from minors under 18. While New York has not yet joined the ranks of the...more
On June 23, the CFPB issued a technical correction and update to its estimate of “credit invisibles” — adults in the U.S. without a credit record or with insufficient credit history to generate a credit score. As previously...more
On 19 June 2025, CNIL published two additional “how-to-sheets” on artificial intelligence, one on the legitimate interest and the other on the collection of data via web scraping. These documents aim to clarify the rules...more
Employers' access to, and retention of, employee medical information can be fraught with legal risk. Even the most seasoned HR professionals have trouble navigating the complex rules and regulations governing employee medical...more
On June 18, 2025, the CFPB published its 2025 Section 1071 Interim Final Rule. Lenders covered by the 2024 Section 1071 Interim Final Rule should know what the 2025 Rule is changing, how it affects them and what they can and...more
On January 8, 2025, the Department of Justice (DOJ) issued a Final Rule, now referred to as the Data Security Program (DSP), that establishes sweeping new restrictions on access to sensitive personal data and...more
With the ease of apps and websites for planning activities, whether it be vacations, business trips, or shopping, we open ourselves to multiple sources of being followed across devices by collecting, analyzing, and sharing...more
On May 20, 2025, the Commission d’accès à l’information du Québec (CAI) issued a decision regarding the use of in-vehicle video surveillance technology by a delivery company, 13859380 Canada Inc., dba Crane Supply (the...more
Five new state privacy laws took effect in January 2025—Delaware (DPDPA), Iowa (ICDPA), Nebraska (NDPA), New Hampshire (NHPA), and New Jersey (NJDPA)—adding to the compliance maze for businesses operating across state lines....more
For businesses subject to the California Consumer Privacy Act (CCPA), a compliance step often overlooked is the requirement to annually update the businesses online privacy policy. Under Cal. Civ. Code § 1798.130(a)(5),...more
Montana’s privacy law has received a refresh and updates will go into effect October 1, 2025 – exactly one year since the law took effect. The law was modified with SB 297, and changes include coverage, approach with minors,...more
Within the context of electronic discovery (eDiscovery), the task of review refers to the examination of electronically stored information (ESI) to identify content that is relevant, responsive, privileged, or otherwise...more
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
Ever since the 1995 CRA rule was published bank regulators have mandated certain “community” and “market” benchmarks as the basis for rating bank performance under the CRA regulations. Most of that data is in the public...more
A new Indonesian government regulation introduces a structured governance framework intended to strengthen online protection for children. This regulation applies to a broad range of electronic systems operators (ESOs),...more
Vermont recently adopted the Vermont Age-Appropriate Design Code Act, which goes into effect on January 1, 2027. The law is enforceable by the Vermont Attorney General as an unfair or deceptive act or practice. The Attorney...more
The State Administration for Market Regulation and the Standardization Administration of China have jointly issued a new national standard applicable to companies conducting business in China, GB/T 45574-2025, Data Security...more
The Department of Justice (DOJ) implemented a new regulatory regime (Data Security Program) addressing access to, and transfer of, sensitive personal data to countries and persons of concern, including Russia, China and...more
The Council of the European Union (EU) announced on June 12, 2025, that it reached a provisional agreement with the European Parliament (EP) on the “one substance, one assessment” (OSOA) legislative package, “which aims to...more