Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
What is the CCF?
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — Hiring to Firing Podcast
A Less is More Strategy for Data Risk Mitigation
Auditing Your Hotline and Case Management System
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
Compliance Tip of the Day: AI for Whistleblower Anonymity
Why Privacy Matters to Your Business and What's in Store for 2025
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 223: Cybersecurity and Privacy Risks with Healthcare Vendors with Brandon Robinson of Maynard Nexsen
In a noteworthy step toward international privacy collaboration, the California Privacy Protection Agency (CPPA) has entered into a formal declaration of cooperation with the U.K. Information Commissioner's Office (ICO). This...more
Are you using artificial intelligence in your business operations? Do you have AI embedded in the goods and services you offer customers? The regulatory framework applicable to AI continues to develop, including across US...more
If you are a compliance professional for a U.S.-based company, you have probably been told at some point that you have to worry about the General Data Protection Regulation (GDPR). Have you encountered one of these...more
On March 18, 2025, the European Commission proposed to extend its adequacy decision in favor of the United Kingdom (‘UK’) for an additional six-month period. This would allow free flows of personal data from the EU to the UK...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
U.S. companies and organizations have entered a new era of sweeping restrictions on cross-border data transfers. The Department of Justice's (DOJ) Final Rule, "Preventing Access to U.S. Sensitive Personal Data and...more
Chile has amended its data privacy law granting significant rights to data subjects, and imposing stricter obligations on data controllers and processors. Published in the Official Gazette (Diario Oficial) on December 13,...more
Data privacy laws are evolving rapidly worldwide, with jurisdictions such as California, Japan, Canada, and Brazil adopting frameworks inspired by the EU’s General Data Protection Regulation (GDPR). Businesses operating...more
On January 3, 2025, the Cyberspace Administration of China (the “CAC”) released the Draft Measures for Personal Information Protection Certification for Cross-Border Data Transfers (the “Draft Measures”) for public comment....more
A groundbreaking new regulatory regime, imposing rules unlike any in existing U.S. law, may surprise many companies due to its sudden adoption and complexity. This article tries to simplify the changing regulatory landscape,...more
On January 31, 2025, the French supervisory authority (CNIL) published the final version of its guide on transfer impact assessments (TIA). A TIA must be undertaken by organisations relying on one of the ‘appropriate...more
In our latest blog post, we shared a few considerations for compliance in the context of complex outsourcing contracts. Continuing on this theme, we take a look into the matter of data protection compliance....more
As 2025 progresses, one thing is clear—GDPR enforcement is not slowing down. In fact, regulators across Europe are intensifying their scrutiny, handing out significant fines and even warning executives of potential personal...more
In the fast-paced, ever-changing world of data, privacy, cyber, and AI, staying ahead of the curve is crucial. Following Data Protection Day 2025 last month, we've identified ten key themes that might significantly impact...more
On 16 January 2025, in an open statement and letter, the UK Information Commissioner, John Edwards, responded to the December 2024 letter from the UK Prime Minister, the Chancellor, and the Business Secretary....more
On January 24 2025, the UK’s Information Commissioner’s Office (ICO) published its response to a request from the Prime Minister, Chancellor and Business Secretary for regulatory proposals to improve business confidence and...more
Following a German case brought against the EU Commission, the EU General Court found that the Commission had made an improper transfer of personal information to the US. The plaintiff, a German citizen, alleged (among other...more
President Trump recently fired the three democrats on the Privacy and Civil Liberties Oversight Board (PCLOB). Since these firings bring the Board to a sub-quorum level, they have the potential to significantly disrupt...more
The DOJ has finalized a set of prohibitions and restrictions on cross-border transfers of certain U.S. data to China and other “Countries of Concern” (for now, Cuba, Iran, North Korea, Russia, and Venezuela), as well as to...more
In the fast-paced, ever-changing world of data, privacy, cyber, and AI, staying ahead of the curve is crucial. To mark Data Protection Day 2025, we've identified ten key themes that might significantly impact our clients in...more
As of September 22, 2024, the final provision of Law 25, An Act to modernize legislative provisions as regards the protection of personal information, will take effect, establishing a new right to data portability for...more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
On January 03, 2025, the government released the much awaited draft Digital Personal Data Protection Rules, 2025, (Draft Rules / Rules) for public consultation and invited stakeholder feedback by February 18, 2025 (access the...more
On January 8, the Department of Justice (DOJ) published its final Rule implementing Executive Order 14117 (EO), “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by...more
It is hard to believe that another year is upon us! As we have done in years past (including 2023, 2022, 2021, 2020, 2019 and 2018), we have created a comprehensive resource of all our www.eyeonprivacy.com posts from 2024. As...more