When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Back to School: 3 Essential Employee Trainings
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
Safeguard your Business: Dinsmore's Craig Horbus on Combatting the Rising Threat of ACH Fraud
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
It's Time to Think About Data Mapping Differently
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
This summer, Paul Rothermel presented a three-part webinar series “Privacy Summer School” covering key privacy topics. These programs, drawing on Paul’s deep privacy experience, covered key areas of compliance and risk as...more
Data privacy and security risk and compliance issues relating to exchanges of personal information during merger, acquisition, and similar transactions can sometimes be overlooked. In 2023, we summarized an enforcement action...more
On August 31, the California assembly passed SB1223, which amends the CCPA/CPRA to include “neural data” as a type of sensitive data. SB1223, which is likely to become law, defines “neural data” as “information that is...more
Since the passage of the California Consumer Privacy Act (CCPA) in 2018, other U.S. states have followed suit by enacting comprehensive consumer data privacy laws in rapid succession. While these state consumer privacy laws...more
On September 4, the California Privacy Protection Agency issued an enforcement advisory regarding “choice architectures that have the substantial effect of subverting or impairing a consumer’s autonomy, decision-making, or...more
Businesses with a website beware: California regulators just warned that the law prohibits your website from making website users jump through hoops or otherwise confusing them as they try to exercise their privacy rights,...more
On September 4, 2024, the California Privacy Protection Agency (CPPA) issued Enforcement Advisory 2024-02 which addresses the use of “dark patterns” in user interfaces under the California Consumer Privacy Act (CCPA). This...more
On Saturday, August 31, the California legislature closed its 2024 session. During the past calendar year, we tracked numerous privacy and AI-related bills with fourteen of them passing out of their chamber of origin prior to...more
Keypoint: The California legislature enters into the final week of its session with many bills still under consideration. We are currently tracking thirteen privacy and AI-related bills that previously crossed chambers prior...more
A California federal court recently ruled that disclosure of certain data collected through website cookies that may qualify as health information could trigger a data breach under the California Consumer Privacy Act (CCPA) –...more
Sprawling. That’s one way to describe the nature of data and responsibilities in modern organizations. There’s a lot of personally identifiable information (PII) and sensitive data to track, and knowing what lives where so...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice. We invite you to share this resource with your colleagues and visit...more
On July 16, 2024, the California Privacy Protection Agency (CPPA) Board met to discuss advancing a substantial draft California Consumer Privacy Act (CCPA) rulemaking package to formal proceedings. The proposed...more
The California Consumer Privacy Act of 2018 as initially adopted (or subsequently amended until 2020) did not contain the principle of data minimization. A requirement to minimize data collection was, however, added by the...more
A recent board meeting of state officials revealed that the California agency responsible for overseeing the state’s landmark consumer privacy law received over 2,000 complaints for alleged violations in the past year alone –...more
What Issues Did the California Privacy Protection Agency Raise? On July 16, 2024, the California Privacy Protection Agency (Agency) discussed proposed updates to the California Consumer Privacy Act (CCPA) regulations....more
In 2024, the landscape of state attorneys general (AGs) is poised for significant change, with numerous elections and regulatory actions reshaping priorities and enforcement strategies. This dynamic environment reflects the...more
On July 16, 2024, the California Privacy Protection Agency (the “CPPA”) board declined to advance to formal rulemaking California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments,...more
On July 15, 2024, the California Privacy Protection Agency (CPPA) released official materials ahead of its July 16, 2024, Board meeting. The materials include draft regulations for automated decision-making technology, risk...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
On June 18, 2024, California Attorney General (“AG”) Rob Bonta and Los Angeles City Attorney Hydee Feldstein Soto announced a settlement with a video game developer and publisher regarding allegations that the company...more
Danielle Ocampo, a member of the CLA’s Law Section, interviewed Steve Millendorf (Partner, San Diego) to gain a deeper understanding of how California is approaching and implementing the EU AI Act. How do the principles...more
On June 18, 2024, California Attorney General (AG) Rob Bonta announced a third CCPA enforcement settlement, this one with Tilting Point Media LLC. Tilting Point was allegedly using its mobile app game "SpongeBob: Krusty...more
If you’re a data person, or even if you’re not, you may have heard the statistic cited by Eric Schmidt, executive chairman at Google: “There were 5 exabytes of information created between the dawn of civilization through...more
In an ongoing effort to enforce the California Consumer Privacy Act (CCPA) and the Children’s Online Privacy Protection Act (COPPA), the California Attorney General's Office (CAG) announced a recent settlement against Tilting...more