How Startups Can Comply With Ever-Changing Privacy Laws
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Rethinking Records Retention
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
On June 17, 2025, the Office of the Privacy Commissioner of Canada (OPC) released a summary of its investigation findings regarding a data breach at 23andMe, which affected nearly seven million customers, including...more
Selected U.S. Privacy & Cyber Updates - DOJ Settles False Claims Act Case with MORSECORP over Cybersecurity Program - On March 26, 2025, the U.S. Department of Justice (DOJ) announced that it had reached an agreement with...more
On 14 January 2025, the Home Office opened a public consultation (the "Consultation") on proposals seeking to address the growing threat and impact of ransomware in the UK. The UK Government details three specific proposals...more
The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more
On January 14, 2025, the UK government unveiled a proposed framework aimed at combating the rise of ransomware attacks by implementing a payment prevention and reporting regime. This would require companies to not only report...more
It is hard to believe that another year is upon us! As we have done in years past (including 2023, 2022, 2021, 2020, 2019 and 2018), we have created a comprehensive resource of all our www.eyeonprivacy.com posts from 2024. As...more
As expected in the data privacy and digital space, 2024 shaped up to be a year full of guidance, consultations, regulatory focus areas and legislative updates. Artificial Intelligence (AI) remained a hot topic with...more
How should multiple claimants seek compensation for alleged data misuse? It had originally been thought that the answer might be a representative action; an “opt-out” procedure enabling a single claimant to bring proceedings...more
Welcome back to the Class Action & MDL Roundup! This edition covers notable class actions from the first quarter of 2024. In this edition, UK High Court weighs in on information asymmetry, debit is better than credit,...more
Welcome to the latest edition of Updata – the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
As cybersecurity breaches remain a common threat globally, the UK government has published a cybersecurity breach survey detailing various cybersecurity policies, processes, and reliances for all types of business....more
The story so far - In July 2022 the Data Protection and Digital Information Bill (the original Bill) was introduced into Parliament and we finally got sight of the UK Government’s intended direction for data protection...more
Editor’s Note: On February 15, 2023, HaystackID shared an educational webcast to provide valuable insight into the ways in which AI is being used to address key issues in the realm of privacy and cybersecurity. The expert...more
The UK’s new Code of Practice for App Store Operators and App Developers provides companies with privacy-related resources. It also highlights ICO privacy expectations. Participating in the code is done by voluntarily...more
In this month’s Privacy & Cybersecurity Update, we examine the European Commission’s draft adequacy decision on the EU-U.S. Data Privacy Framework, as well as guidance from the U.K. Information Commissioner’s Office on...more
Introduction - The number of class actions brought in the UK is likely to grow considerably in the coming years. In particular, we expect claimant firms to continue making claims for misuse use of data where an issue...more
The Department for Digital, Culture, Media & Sports (DCMS) confirmed on August 30, 2022, that it will push forward with tough new regulations and a code of practice to bolster the security and resilience of the United...more
In this episode of Life with GDPR, Jonathan Armstrong and I return to take a deep dive into class action litigation in the UK and EU around data privacy and data protection. We consider some issues in class action lawsuits...more
The below is a brief summary of the judgment handed down in Lloyd v Google LLC [2021] UKSC 50 by the Supreme Court on November 10, 2021 as potentially one of the most significant and anticipated data privacy judgments to...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
The end of the Brexit transition period is now upon us. Whilst the EU General Data Protection Regulation (EU GDPR) is retained in domestic law with minimal amendment, the so-called 'UK GDPR' has some key changes that...more
When British Airways (“BA”) suffered a significant personal data breach in September 2018, just months after the coming into force of the EU General Data Protection Regulation (“GDPR”), all eyes were on the UK’s Information...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
BACKGROUND - Over the Easter weekend, it was reported by a number of media outlets that an 860-page report, apparently commissioned by senior Labour Party officials, had been leaked and was circulating widely online. The...more
States Consider Privacy and Data Security Legislation - It’s that time of year again, when we see a flood of legislative activity at the state level on privacy and data security laws. A couple of recent examples are below....more