Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
After multiple attempts by successive governments over the last few years to bring about regulatory changes that would enhance and promote the use of data in the UK, an often heavily debated law has finally arrived in the...more
Executive Summary - The EU Data Act, whose requirements apply from 12 September 2025, establishes new rights for businesses and consumers to access data they generated using “connected devices,” limiting the exclusive...more
On March 12, 2025, the California Privacy Protection Agency (CPPA) announced a settlement with American Honda Motor Co., resolving allegations that the company violated the California Consumer Privacy Act (CCPA) and requiring...more
Advocate General Spielmann opines that personal data can be pseudonymous in the hands of one party and anonymous in the hands of another....more
Welcome to your weekly update from the A&O Shearman pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. ICO guidance on using employment records The Information...more
The Council of Europe has formally adopted the EHDS, marking a significant milestone in the development of a unified framework for health data exchange across Member States. This initiative aims to enhance healthcare...more
On January 15, the CFPB published to the Federal Register a Request for Information (RFI) on the collection, use, sharing and protection of consumer payment and personal financial data by companies offering financial products...more
Tomorrow is International Data Privacy Day, so a happy day to all! More seriously, data privacy concerns and legislation continue to rapidly increase. It has been estimated that by the end of 2024 more than 75 percent of...more
Readers of this blog may recall a recent favorable decision handed down by Massachusetts State’s highest court in which it found that Massachusetts Wiretap Act claims (“MWA”) do not extend to consumer interactions with...more
Comprehensive consumer privacy laws are rapidly expanding across the United States, significantly impacting PEOs. Currently, 19 states have enacted privacy laws, with eight already in effect and 11 set to take effect between...more
There is no better real-world example of significant data ethics complexities than Facebook. The data privacy scandal that has emerged over the past few years is a unique educational tool for any compliance professional or...more
It’s no longer good enough for your business to have a reactive approach to consumer privacy – you need a proactive strategy to manage compliance, foster consumer trust, and stay competitive in this modern era. While many...more
Corporations face unprecedented challenges in safeguarding sensitive data and mitigating privacy risks in an era marked by the rapid proliferation of Internet of Things, or IoT, devices....more
Maretta Morovitz is the Engage Lead at MITRE, where she simplifies the planning of adversary engagement for cyber defenders. Maretta likens her cyber defense work to the movie Home Alone, setting a series of traps for the...more
Recent U.S. developments indicate a growing focus on regulating and investigating the data privacy practices of companies in the automotive sector. The Federal Trade Commission (FTC) recently highlighted in a blog post its...more
Last week, California Attorney General Rob Bonta announced a new enforcement focus on streaming apps’ failure to comply with the California Consumer Privacy Act (CCPA). This investigation will examine whether streaming...more
The California Privacy Protection Agency (CPPA) released initial draft regulations for cybersecurity audits (which have since been amended) and risk assessments late this summer. The agency’s board of directors addressed the...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more
On Thursday, October 19, 2023, the Consumer Financial Protection Bureau (“CFPB”) released a proposed rule addressing “personal data financial rights”, as we reported last week that they would be doing later in October. The...more
On Oct. 19, 2023, the Consumer Financial Protection Bureau (CFPB) released a Notice of Proposed Rulemaking (NPRM) on Personal Financial Data Rights, which would change the way financial institutions hold and distribute...more
On September 12, 2023, Delaware became the 13th state to adopt a consumer data privacy act, joining Florida, another state to recently adopt consumer privacy laws, and others in providing resident consumers with rights...more
With the ever-expanding Internet of Things, data privacy is a growing concern in today’s digital age. The automotive industry is no exception. The National Highway Traffic Safety Administration (“NHTSA”) has broad regulatory...more
Are Automakers Making Sufficient Efforts to Protect Customer Data? With the ever-expanding Internet of Things, data privacy is a growing concern in today’s digital age. The automotive industry is no exception. The National...more
Keypoint: Although they are only draft regulations and not part of the formal rulemaking process, the drafts demonstrate the Agency’s intent to create extensive obligations for businesses subject to these regulations. In...more
For decades, medical providers and other covered entities have satisfied their health-data privacy obligations by complying with the federal Health Insurance Portability and Accountability Act (HIPAA) — but this is changing...more