No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
The UK’s Data (Use and Access ) Act 2025 (“DUA Act”), which received royal assent on 19 June 2025, represents a significant reform to UK data law and reflects Britain’s ambition to spur tech innovation by freeing up the flow...more
After multiple attempts by successive governments over the last few years to bring about regulatory changes that would enhance and promote the use of data in the UK, an often heavily debated law has finally arrived in the...more
In the recent high-profile civil class action, Frasco v. Flo Health, a California federal court issued a significant ruling partially certifying a nationwide class and California subclass of individuals who used the Flo...more
- On 26 March 2025, the European Health Data Space (EHDS) Regulation entered into force. The regulation establishes a comprehensive framework for health-data sharing and access in the EU, with the dual aim of supporting the...more
Executive Summary - The EU Data Act, whose requirements apply from 12 September 2025, establishes new rights for businesses and consumers to access data they generated using “connected devices,” limiting the exclusive...more
Keypoint: In this post: (1) Standing may depend on how specific plaintiffs’ complaint is; (2) the 2d Circuit adopts the 3rd and 9th Circuit’s narrower interpretation of PII under the VPPA; (3) Promises in privacy policies not...more
In its motion for a summary judgment in a lawsuit challenging the regulation, the CFPB stated it has concluded that the Section 1033 Rule (Rule) exceeds the agency’s statutory authority to create an open banking system...more
A California federal court just certified a significant class action involving allegations that a health-tracking app improperly shared sensitive health information with third parties without user consent. The court’s May 22...more
On April 22, 2025, the Federal Trade Commission’s (FTC) changes to the Children’s Online Privacy Protection Rule (COPPA Rule) were published in the Federal Register. The updates will go into effect on June 23, 2025, and...more
The first updates to the COPPA Rule since 2013 impose new obligations for sharing children’s personal information with third parties. On April 22, 2025, the Federal Trade Commission (FTC or Commission) published the final...more
The Second Circuit Court of Appeals upheld the dismissal of a proposed class action against Flipps Media (now Triller TV), ruling that the company did not violate the federal Video Privacy Protection Act (VPPA) by sharing...more
Sports sponsorship contracts traditionally focus on category exclusivity and entitlements while overlooking data sharing language. However, with the rapid evolution of data usage in the industry, incorporating data sharing...more
Businesses just received some good news when a federal court dismissed a California Invasion of Privacy Act (CIPA) claim that aimed to expand the reach of the state’s wiretapping law to cover internet communications. The...more
Recently we had a client pose an interesting question about providing accommodations to disabled temporary workers. A temp agency referred a worker to its client, but advised the client that the worker had requested certain...more
Google is so ubiquitous it's both a noun and a verb, and nearly everyone's search engine of choice. As a result, the landmark antitrust case brought by the U.S. Department of Justice and several states (collectively, the...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff – someone who visits websites for purposes of initiating litigation – cannot bring a claim under the California Invasion of Privacy...more
As the privacy litigation landscape continues to take shape, search bars have quietly become a Trojan horse in online data collection, carrying new legal theories into the California Invasion of Privacy Act (CIPA) arena. The...more
A new California investigative sweep into the location data industry focuses on whether businesses have violated state law relating to the consumers’ right to limit how their personal information – including their geolocation...more
On March 12, 2025, the California Privacy Protection Agency (CPPA) announced a settlement with American Honda Motor Co., resolving allegations that the company violated the California Consumer Privacy Act (CCPA) and requiring...more
A rapid transformation in consumer finance is being brought about by open banking—a pivotal innovation that allows consumers to give third parties real-time access to their detailed financial data. Open banking has the...more
Businesses operating in California that rely on location tracking – whether for fleet management, employee monitoring, logistics, or marketing – should pay close attention to a bill that would dramatically alter the legal...more
Advocate General Spielmann opines that personal data can be pseudonymous in the hands of one party and anonymous in the hands of another....more
Welcome to your weekly update from the A&O Shearman pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. ICO guidance on using employment records The Information...more
The Council of Europe has formally adopted the EHDS, marking a significant milestone in the development of a unified framework for health data exchange across Member States. This initiative aims to enhance healthcare...more