Rethinking Records Retention
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
A bipartisan coalition of 28 AGs have filed a lawsuit against 23andMe Holding Co. and 23andMe, Inc. (collectively “23andMe”) to protect human genetic data collected by the company from being sold without consumers’ consent as...more
States have been active in passing and enacting comprehensive consumer privacy laws in the absence of a federal statute. To date, 19 states have passed such laws, starting with the California Consumer Privacy Act (“CCPA”),...more
On June 2, the New Jersey Division of Consumer Affairs announced the publication of new proposed regulations to implement the New Jersey Data Privacy Act (NJDPA), N.J. Stat. §§ 56:8-166.4 et seq., which went into effect on...more
India’s Ministry of Electronics and Information Technology (MeitY) released in June 2025 a Business Requirement Document for Consent Management Under the DPDP Act, 2023 (BRD). The BRD, while not legally binding, provides...more
On April 29, Michigan Attorney General (AG) Dana Nessel filed a lawsuit against Roku, Inc. (Roku), the smart TV and device provider and streaming service, alleging that Roku collects and monetizes personal data from children...more
A California federal court just certified a significant class action involving allegations that a health-tracking app improperly shared sensitive health information with third parties without user consent. The court’s May 22...more
The Oregon Legislature recently enacted House Bill 3875, amending the Oregon Consumer Privacy Act (OCPA) effective September 28. 2025, to broaden its scope to include motor vehicle manufacturers and their affiliates that...more
On May 9, the Office of the Attorney General for Texas announced it reached a $1.375 billion settlement with a tech company for the violation of Texas data privacy laws. The lawsuit alleged unlawful tracking of users’ private...more
While Andrew Ferguson advocates for a restrained regulatory approach at the FTC, his statements and voting record reveal clear priority areas where businesses can expect continued vigorous enforcement. Two areas stand out in...more
Texas AG Ken Paxton announced a settlement in principle with Google LLC to resolve allegations of data privacy and security violations. The settlement will resolve lawsuits filed by Texas against Google for allegedly...more
Every week, the Array team reviews the latest news and analysis about the evolving field of eDiscovery to bring you the topics and trends you need to know. This week’s post covers the period of April 27-May 3. Here’s what’s...more
Becker’s Hospital Review reports that the Department of Government Efficiency (DOGE) “has access to sensitive information in 19 HHS databases and systems,” according to a court filing obtained by Wired. HHS provided the...more
As we navigate the complex landscape of technology and its impact on society, considering how our digital interactions shape our identities and communities is crucial. The shift towards virtual third spaces—like social media...more
If you are a compliance professional for a U.S.-based company, you have probably been told at some point that you have to worry about the General Data Protection Regulation (GDPR). Have you encountered one of these...more
Businesses operating across the U.S. should pay close attention to the rapidly evolving consumer privacy landscape. To date, 20 states, including Oregon, have enacted comprehensive consumer privacy laws, with 14 already in...more
23andMe, a pioneer in the DNA testing kit industry, announced that it has filed for Chapter 11 bankruptcy protection and recently asked to select an independent customer data representative regarding any sale of user data....more
Today, the Department of Justice’s (“DOJ”) Final Rule implementing former President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by...more
Today, April 8, 2025, the U.S. Department of Justice’s Final Rule restricting transfers of bulk sensitive personal data and U.S. government-related data becomes effective, implementing former President Biden’s Executive Order...more
Long maligned as innovation-shy, litigation practices are deploying emerging artificial intelligence technologies at a rapid rate. Technology’s ability to instantly synthesize and draw useful conclusions from large amounts of...more
Oregon consumers submitted more than 100 privacy complaints to the state’s justice department within six months of the Oregon Consumer Privacy Act (OCPA) taking effect, and businesses subject to the new law need to take note....more
With attention on Democratic Attorneys General vowing to fill the void left by weakened federal regulators, and perhaps a more partisan divide on enforcement generally, a bipartisan consensus is quietly emerging in the states...more
Subject rights requests can be confusing for everybody involved. Some consumers are savvy privacy advocates and expect their requests to be fulfilled to the letter. Others are just learning that they have subject rights...more
In March 2023, Elon Musk and Steve Wozniak, along with other technology experts, signed an open letter asking that training powerful AI models be stopped until stronger AI governance laws could be developed. Two months later,...more
With the number of data breaches increasing each year, it’s becoming more important to know what personal data you have and where you have it. On personal or even work devices, you may be surprised at how much of your data is...more
In 2024, the CNIL stepped up its enforcement action, issuing 87 sanctions, 180 compliance orders and 64 reprimands. However, only 12 decisions were made public, thus complicating the exercise of making the regulator’s...more