Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Starting July 9, 2025, the U.S. Department of Justice will begin enforcing its new “Bulk Sensitive Data Rule,” a sweeping regulation aimed at restricting the transfer and storage of sensitive U.S. personal and...more
On March 10, 2025, the Office of the Attorney General of California (CAAG) announced an enforcement sweep of the California Consumer Privacy Act (CCPA) focused on the location data industry. Attorney General Rob Bonta stated...more
On January 13, 2025, Texas Attorney General Ken Paxton (“Texas AG”) filed the first-ever enforcement action under the Texas Data Privacy and Security Act (“TDPSA”) against insurance company Allstate and its subsidiary, Arity...more
Many employers have turned to geolocation tools like GPS devices to monitor employees’ whereabouts and movements – especially those working remotely or in field-based roles. While these tools provide an effective way to boost...more
On January 8, 2025, the Department of Justice (“DOJ”) published its Final Rule to implement President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States...more
Corporations face unprecedented challenges in safeguarding sensitive data and mitigating privacy risks in an era marked by the rapid proliferation of Internet of Things, or IoT, devices....more
On March 20, the U.S. House of Representatives passed House Resolution 7520, the Protecting Americans’ Data from Foreign Adversaries Act of 2024, targeting companies that sell sensitive information to “foreign adversaries.” ...more
On February 28, 2024, President Biden signed Executive Order (EO) 14117 titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” On March 5,...more
The Brazilian Data Protection Law (LGPD) in effect since 2020 is starting to show its effects in the litigation landscape. Although the Brazilian National Data Protection Agency (ANPD) has been fairly active since it...more
The California Privacy Protection Agency (CPPA) released initial draft regulations for cybersecurity audits (which have since been amended) and risk assessments late this summer. The agency’s board of directors addressed the...more
Consistent with recent trends in broadening the scope of state data breach notification statutes, Connecticut and Florida have expanded the definitions of personal information under their respective data breach notification...more
This is Part Four in a series of legal updates on the Washington My Health My Data Act (“WMHMDA”) where Quarles continues its deep dive into the various factors and intricacies of WMHMDA that are creating tidal waves in the...more
On May 4, 2023, an Idaho federal judge ruled that the Federal Trade Commission (FTC) needs stronger assertions of consumer harm in order for its data privacy suit against data broker/mobile analytics provider Kochava Inc....more
CYBERSECURITY - CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors - The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and...more
In the past 5 years businesses felt the increasingly intricate data management rules (GDPR, CCPA, BIPA) pressed against an explosion in hacking and ransomware. Companies experience pressure from legislators, regulators,...more
As always, it was great fun speaking with Future of Privacy Forum’s lovely and knowledgeable mobility guru Chelsey Colbert during Part 2 of OneTrust DataGuidance’s connected vehicles and data protection presentation...more
CYBERSECURITY - Cyber Exposures Rise During Pandemic - Although it is logical that cyber-attacks have risen during the pandemic, and there is anecdotal evidence that it is occurring, including our own experience, an...more
On May 7, 2020, in the face of the ongoing COVID-19 pandemic and as some states are “opening up”, U.S. Sens. Roger Wicker (R-Miss.), chairman of the Senate Committee on Commerce, Science, and Transportation; John Thune...more
At the beginning of 2020, a Federal privacy law, similar to that of GDPR or PIPEDA, was a faint and distant reality. However, in light of some mobile device and other monitoring being considered because of the COVID-19...more
In this month's edition of our Privacy & Cybersecurity Update, we examine comments from the California attorney general's office regarding the start date for enforcement of the California Consumer Privacy Act in light of...more
New Jersey has joined a growing list of states considering legislation on data privacy to promote transparency, accountability, and individual choice. One bill would create new obligations for commercial entities whose online...more
A lawsuit filed late last week by Los Angeles City Attorney Michael Feuer alleges that TWC Product and Technology LLC (TWC), the company behind The Weather Company App, is collecting, disclosing, selling and monetizing users’...more
Smartphones, websites, and other connected devices (e.g., “wearables”) increasingly request that consumers provide their geo-location information. Geolocation information can refer to general information about a consumer’s...more
The Federal Trade Commission (FTC) recently entered a Consent Agreement with Uber that includes “precise geolocation information” in the list of personal information that is to be protected. While the Consent Agreement only...more
On Wednesday, August 24, the California state senate (the “Senate”) took action on a bill that would expand the definition of protected personal consumer data to include geolocation and biometric information while also...more