AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
What is the CCF?
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — Hiring to Firing Podcast
A Less is More Strategy for Data Risk Mitigation
Auditing Your Hotline and Case Management System
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
Compliance Tip of the Day: AI for Whistleblower Anonymity
Why Privacy Matters to Your Business and What's in Store for 2025
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
On April 21, 2025, the Federal Trade Commission (FTC) finalized a significant and long-awaited update to the Children’s Online Privacy Protection Act (COPPA) Rule—the law’s first update since 2013. The revised Rule introduces...more
Becker’s Hospital Review reports that the Department of Government Efficiency (DOGE) “has access to sensitive information in 19 HHS databases and systems,” according to a court filing obtained by Wired. HHS provided the...more
Businesses operating across the U.S. should pay close attention to the rapidly evolving consumer privacy landscape. To date, 20 states, including Oregon, have enacted comprehensive consumer privacy laws, with 14 already in...more
In a development that seems to have flown mostly under the radar this week, Virginia’s governor signed on Monday SB754, a bill passed by the state’s General Assembly that amends the state’s Consumer Protection Act to strictly...more
In a notable development for corporate defendants grappling with consumer privacy litigation, the Southern District of New York has recently issued a decision in Lee v. Springer Nature America, Inc., embracing a broadened...more
If you are the owner of a telemarketing business, there is a good chance that you are familiar with The Campaign Registry (“TCR”). TCR registration is essential for businesses for several reasons. Crucially, it ensures that...more
The Video Privacy Protection Act (“VPPA”), a federal statute enacted in 1988, is gaining new relevance in recent years as plaintiffs bring lawsuits with the goal of enforcing online privacy rights. 2024 saw a continuation of...more
As of this writing, the CAM4 security incident remains the largest data breach in history. The attack on the website exposed nearly 11 billion records, including users' names, email addresses, sexual orientations, chat...more
Colorado employers could soon need to comply with the disclosure and consent requirements of the state’s privacy act when they collect biometric identifiers from employees or applicants – which would make Colorado the first...more
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
Enforcement of the California Consumer Privacy Act (“CCPA”) continues to heat up with California Attorney General Rob Bonta’s office announcing its second public enforcement action, this time against delivery service provider...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice....more
Global Privacy Controls, vendor management, sensitive personal information, and the use of Ad Tech; new U.S. state data protection laws introduce twists to traditional notions of American data protection law. In the U.S.,...more
On July 20, 2023, the Department of Health and Human Services (DHHS) through the Office of Civil Rights (OCR) and the Federal Trade Commission (FTC) issued a joint letter to hospitals and telehealth providers alerting them to...more
Information governance (IG) plays an increasingly significant role of the way corporations do business. But what do organizations do with all their data? Where do they store it—and is it secure, well organized, and...more
Amazon Sued for Not Telling New York Store Customers about Tracking Biometrics - “Thanks to a 2021 law, New York is the only major American city to require businesses to post signs letting customers know they’re tracking...more
Illinois Supreme Court Allows Massive Damages in Biometric Privacy Cases - “The case involves Ohio-based fast-food company White Castle.” Why this is important: Illinois has the strictest biometric privacy law in the...more
Editor’s Note: On January 18, 2023, HaystackID shared an educational webcast on China’s emerging statutes and regulations governing the processing, disclosure, and transfer of data. As Chinese entities increasingly become...more
California employers' reprieve from obligations to employees to disclose data privacy practices and provide access rights to employees appears to be coming to an end as the California Privacy Rights Act (CPRA) becomes...more
Since the California Consumer Privacy Act (“CCPA”) was passed in 2018, employers have been watching carefully to see how the law will apply to data collected and maintained about their employees. Up until now, employment data...more
“Businesses, service providers, and contractors are to comply with not just the letter of the (California Consumer Privacy Act), but the spirit of the law.” That is according to a new Initial Statement of Reasons issued...more
As we explained in an earlier installment, most privacy law derive from the Fair Information Practice Principles (FIPPs). The FIPPs provide, in part, that consumers should be given notice of how their information will be used...more
In an opinion released on March 10, 2022, California Attorney General Rob Bonta addressed the applicability of the “right to know” under the California Consumer Privacy Act (CCPA) (pdf) to internal inferences that...more
In this four-part series, Conyers continues diving into different topics relating to Bermuda’s privacy legislation, including: why we need privacy legislation and its purpose, how to prepare for the Personal Information...more
While it is clear that the California Consumer Privacy Act (CCPA) imposes certain disclosure obligations on businesses regarding concrete personal information collected about consumers, businesses often forget that they also...more