AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
What is the CCF?
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — Hiring to Firing Podcast
A Less is More Strategy for Data Risk Mitigation
Auditing Your Hotline and Case Management System
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
Compliance Tip of the Day: AI for Whistleblower Anonymity
Why Privacy Matters to Your Business and What's in Store for 2025
On April 9, 2025, the coalition agreement of the future German Federal Government, consisting of the three German parties CDU, CSU and SPD, was published. The document entitled “Responsibility for Germany” contains several...more
On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch)....more
Data minimization is a legal and operational necessity in today’s privacy landscape. There are now legal and operational curbs to the pervasive practice of keeping everything forever. With the rise of global frameworks like...more
Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more
The Italian Data Protection Authority has adopted an updated version of a guideline document on email retention that it originally issued in December 2023, but which had been suspended....more
Introduction - The General Data Protection Regulation (Regulation (EU) 2016/679) is the EU regulation which is directly applicable in all member states of the EU, including the Czech Republic, as of 25 May 2018. The new...more
If you don’t know where your business collects, stores, and processes consumer data, you can’t manage that data in a compliant fashion. You won’t know whether...more
2023 may be the year of privacy laws. Five states have new laws that go into effect this year, which will likely usher in a new era of consumer privacy protections in the United States....more
Implementing legal holds quickly and effectively is key to maintaining defensibility during litigation and investigations. When a matter involves U.S. law, parties have a duty to preserve relevant information once litigation...more
FTC Is Tracking Twitter Developments With “Deep Concern” - Elon Musk’s recent purchase of Twitter has led to numerous resignations in the security department. Most recently, Twitter’s chief information security officer,...more
Employers often want to have a data retention policy that works for all of their international operations. We look at the challenges with this approach and how to make it work in practice....more
On November 3, 2020, California voters approved Proposition 24, a ballot initiative which enacted the California Privacy Rights Act (“CPRA”). The CPRA amends the California Consumer Privacy Act (“CCPA”), the most sweeping...more
Welcome to the latest edition of Updata - the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
A data inventory is the fundamental building block for an effective privacy program. In its simplest form, a data inventory can be thought of as a matrix which documents 1) what personal data is being collected by the...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
This is the time of the year in which we look back to what has happened during the last 12 months and try to get ready for what is to come. This can be done in many ways, although one of the most common practices is to rely...more
The CPRA, also referred to as CCPA 2.0, is a more robust version of the CCPA. The original drafter of the CCPA put CPRA on the ballot to amend and bolster key provisions in the CCPA....more
United Kingdom, French and Belgian national security laws (and such laws of other EU Member States) fell under the scrutiny of the Court of Justice of the European Union (CJEU), which on October 6, 2020, ruled on whether such...more
As more organizations find themselves under scrutiny for the way they collect and use consumer data, maintaining CCPA compliance has never been more important. CCPA has been introduced to give control back to consumers,...more
The words “hodgepodge” and “patchwork” are overused in the world of risk and compliance, but they’re certainly appropriate for describing the myriad data privacy regulations popping up around the world. In 2018, the world...more
Partner Jay Johnson discusses the effect of various regulations on blockchains. He notes that the GDPR presents compliance obligations on data controllers, the CCPA allows consumers a right to erasure, and the FTC has notice...more
As we move into the second month of 2019, we’d like to give an overview of the trends we see developing in the cybersecurity and data privacy area for the year. We’ll be sure to elaborate on these areas with more details as...more
With 2018 in the archives, Hanzo is starting off the new year with a look ahead to the trends and challenges we believe will define the compliance and eDiscovery landscape in 2019, and a look back at the year that was at...more
This article is Part 4 of our series on the GDPR for U.S.-based companies. Part 1 assisted U.S.-based companies in determining whether the GDPR applies to them; Part 2 provided an overview of the GDPR’s key concepts and...more