A Sneak Peek into Data Mapping: What Implementation Really Looks Like
It's Time to Think About Data Mapping Differently
EEO-1 Filing After June 4: What to Do Now, and How to Prepare for Next Year - Employment Law This Week®
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
An Ounce of Prevention: Keys to Understanding and Preventing AI and Cybersecurity Risks
Calculating eDiscovery Costs: Tips from Brett Burney
State AG Pulse | Content moderation vs. free expression
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Navigating the Digital Frontier: Employee Privacy Rights and Legal Obligations in the Modern Workplace
DE Under 3: OMB Announced Finalized Overhaul to Federal Race & Ethnicity Data Collection Standards
Embracing Data Privacy to Drive Business Growth: On Record PR
Work This Way: A Labor & Employment Law Podcast - Episode 6: Digital Forensics & Protecting Trade Secrets with Clark Walton
PODCAST: Williams Mullen's Trending Now: An IP Podcast - U.S. State Data Privacy Update
Managing Large Scale Review Efficiency: Tips From a GC
AD Nauseam – Children, They are Indeed Our Future – COPPA Developments
1071 Rule Status — The Consumer Finance Podcast
Data Dividend: What is Personal Data Worth?
The Great Link Debate and the Future of Cloud Collaboration
RegFi Episode 9: Consumer Data Collection and Usage with Eric Ellman
The Federal Trade Commission (FTC) has been actively flexing its authority as a privacy regulator in recent months. The agency has been especially focused on identifying data practices it views to be “unfair”, thereby...more
The Personal Information Protection Act ("PIPA") comes into full force on 1 January 2025. All organisations in Bermuda are expected to be in compliance with it by that date – time is running out! The Privacy Commissioner...more
Recently, the Illinois General Assembly have restarted efforts to amend the Biometric Information Privacy Act of 2008 (“the Act”). On January 31, 2024, Senator Bill Cunningham introduced S.B. 2979 ostensibly to answer the...more
[Editor’s Note: This article has been republished with permission. It was originally published January 18, 2024 on the eDiscovery Assistant Blog] In Episode 129 of Case of the Week, Kelly Twigger of eDiscovery Assistant...more
Global Privacy Controls, vendor management, sensitive personal information, and the use of Ad Tech; new U.S. state data protection laws introduce twists to traditional notions of American data protection law. In the U.S.,...more
A few weeks ago, on 24 September 2023, the Data Governance Act (Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance) (“DGA”) came into force. The DGA aims to...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more
Joe Alves filed a class-action complaint against BJ’s Wholesale Club, alleging that BJ’s uses computer code, called Session Replay Code (SRC), to secretly record consumer activity on BJ’s website. Alves claims that BJ’s...more
On June 30, 2023 the Northern District of Illinois vacated the $228 million damages award previously entered in the first jury trial arising under Illinois’ Biometric Information Privacy Act (BIPA), and ordered a new jury...more
Of the many worries on privacy compliance teams’ lists as we face the onslaught of state “general” privacy laws are the impacts they have on vendor contracts. Fortunately for those who have already had to deal with contracts...more
2022 has seen a new wave of class action lawsuits targeting companies that use technology to track consumers’ interfaces on their websites. These lawsuits generally allege that the use of technologies such as session replay...more
“Precise Geolocation” has become a hot button issue in the privacy world with recent data privacy laws seeking to regulate the collection and processing of such information, including in California and Virginia. The...more
The use of tracking technologies on websites and mobile applications (e.g., cookies) has become largely ubiquitous in our technology-driven world. Health care providers and organizations, for example, may use tracking...more
Some states will affirmatively require annual audits of a business’s data collection and processing practices and—in some cases—to submit those audits to state regulators. With new US state data protection laws taking...more
As we explained in our last post, managing ediscovery in the cloud is the only viable solution for dealing with the massive amount of electronic data involved in litigation today. Nextpoint has been an advocate for...more
On July 8, 2022, the California Privacy Protection Agency commenced the formal rulemaking process to adopt regulations to clarify and implement the amendments to the California Consumer Privacy Act (“CCPA”). The amendments...more
On June 23, 2022, Representatives Pallone, Rodgers, Schakowsky, and Bilirakis introduced the American Data Privacy and Protection Act, HR 8152. This Act represents an effort to create a comprehensive federal privacy law. ...more
“Businesses, service providers, and contractors are to comply with not just the letter of the (California Consumer Privacy Act), but the spirit of the law.” That is according to a new Initial Statement of Reasons issued...more
Keypoint: The California Privacy Protection Agency issued a first set of draft regulations that contain a number of notable provisions but do not address all of the CPRA’s rulemaking topics....more
WHAT YOU NEED TO KNOW IN A MINUTE OR LESS - The collection and storage of sensitive data can not only invite the attention of government agencies, but also that of putative class action plaintiffs. Government inquiries,...more
Keypoint: Starting in 2023, organizations that are subject to one or more of the laws will need to enter into contracts with recipients of personal information/data that address numerous statutory requirements....more
Remote patient monitoring (“RPM”) refers to the use of digital technologies to monitor and capture medical and other health data from an individual. This data is electronically stored for an individual’s personal use or...more
The U.S. Securities and Exchange Commission is implementing a campaign to overhaul the agency’s expectations around cybersecurity and cyber incident reporting for the financial services industry and corporate America...more
Companies collecting consumer DNA for non-medical purposes seem to be playing fast and loose with their customers’ data, according to a well-regarded consumer watchdog. This category of private money makers, which could...more
Since 2018, a consistent stream of newly adopted privacy laws and other regulatory developments (such as GDPR, CCPA, Schrems II, and the new EU Standard Contractual Clauses) has required companies to make regular updates to...more