Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
The Court of Appeal has handed down its judgment in the case of Prismall v Google UK Ltd and DeepMind Technologies Ltd [2024] EWCA Civ 1516. Finding for Google, the Court of Appeal upheld the lower Court’s decision to...more
In a December, the Information Commissioner’s Office (ICO) responded to Google’s decision to lift a prohibition on device fingerprinting (which involves collecting and combining information about a device’s software and...more
If you’re feeling out of the loop about Chrome’s personal data collection, you’re not the only one. Google had announced that it would be deprecating third-party cookies. Then it delayed the deprecation. Then they called the...more
Since early September 2024, the U.S. Department of Justice (DOJ) presented its case-in-chief against Google in a lawsuit accusing the company of anti-competitive and monopolistic practices in the complex digital advertising...more
In July, Instagram’s parent company Meta Platforms, Inc. (“Meta”) agreed to a $68.5 million class-action biometric privacy settlement in connection with the company’s alleged violation of Illinois’ Biometric Information...more
In a recent announcement, Datatilsynet, the Danish Data Protection Authority (“Danish DPA”), declared that the Google Analytics tool does not comply with the GDPR’s requirements for international transfers. As such, it...more
Recent reports from several European Data Protection Authorities (DPAs), the bodies empowered to regulate consumer privacy under the General Data Protection Regulation (GDPR), have ruled that Google Analytics violates the...more
This year has seen further record GDPR fines levied by Data Protection Authorities, however, a second “under the radar” risk exists—namely, being sued for damages. Today we saw a sea-change case (Lloyd v Google) ruling by...more
This week’s Update features a variety of stories, including stories regarding Expedia’s planned roll up of its loyalty programs and Marriott’s recently announced loyalty program partnership with Japanese e-commerce platform,...more
CYBERSECURITY - Cyber Criminals Focusing on Clinics + Business Associates - As hospital systems become more hardened to cyber-attacks, cyber criminals are focusing their efforts on smaller providers, such as outpatient...more
Facing pressure from Congress and a groundswell of complaints by parents, many of the biggest technology companies are taking belated action to improve privacy protections for their teenage users. Though the Children’s Online...more
The Federal Trade Commission (FTC) continues to put emphasis on the importance of corporate board involvement in privacy and data security. Corporate Boards: Don’t Underestimate Your Role in Data Security Oversight - The...more
his week sees a key hearing before the UK Supreme Court in the case of Lloyd v Google, an event long awaited by those familiar with data protection law proceedings in Europe. The case concerns the so-called “safari...more
We often think of phony financial institution emails as a bad actor’s phishing scheme of choice to capture confidential bank account numbers or other private financial information. While those phishing emails certainly do...more
Months have passed since it was first revealed in July 2019 that the Department of Justice (DOJ), in response to various stakeholders’ concerns, was conducting a review into certain “market-leading online platforms” and...more
States Consider Privacy and Data Security Legislation - It’s that time of year again, when we see a flood of legislative activity at the state level on privacy and data security laws. A couple of recent examples are below....more
Google Analytics is in the crossfire in Germany. The data protection authorities of the German states are being flooded with complaints, approximately 200,000 in number, regarding deployment of the Google Analytics service...more
Case Summary - Richard Lloyd, a “champion of consumer protection” and former director of the consumer rights group Which?, is seeking to bring a representative damages claim against Google, on behalf of more than four...more
On September 24, 2019, the highest court of the European Union (EU), the Court of Justice of the EU (CJEU), attempted to limit the territorial scope and authority of EU data protection authorities in its recent decision...more
On Tuesday, September 24, 2019, the European Court of Justice issued two rulings that further defined the right to be forgotten under European laws. The right to be forgotten, also known as the right to erasure, is a...more
On September 4, 2019, the Federal Trade Commission (FTC or the “Commission”) announced a settlement with YouTube and its parent Google that resolves allegations that the companies violated the Children’s Online Privacy...more
LitLand is a monthly feature that reviews developments in litigation as they relate to privacy matters and highlight any past, current, and future cases about which you should know....more
It has been rough weather for Google in France. Three weeks after the French ?Data Protection Authority imposed a record fine against Google for non-compliance with the GDPR, the Paris District Court (“Tribunal de Grande...more
Australia has recently taken significant action in the realm of data security that will potentially have global impact. In December 2018, the Australian Competition and Consumer Commission (“ACCC”) released recommendations on...more
On 21 January 2019, the French Data Protection Authority (the “French DPA”) fined Google LLC 50 million euros for breach of the GDPR. As we reported on this blog, just after GDPR became applicable, noyb.eu (None of Your...more