AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
What is the CCF?
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — Hiring to Firing Podcast
A Less is More Strategy for Data Risk Mitigation
Auditing Your Hotline and Case Management System
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
Compliance Tip of the Day: AI for Whistleblower Anonymity
Why Privacy Matters to Your Business and What's in Store for 2025
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
In a noteworthy step toward international privacy collaboration, the California Privacy Protection Agency (CPPA) has entered into a formal declaration of cooperation with the U.K. Information Commissioner's Office (ICO). This...more
The California Privacy Protection Agency announced this month that it, along with six other states, will be forming a new group called the “Consortium of Privacy Regulators.” (The other states are Colorado, Connecticut,...more
The new Department of Justice (DOJ) rule governing international transfers of Americans’ information, codified at 28 C.F.R. Part 202, became effective on April 8, 2025....more
What's Changed? The U.S. Department of Justice (DOJ) published a Data Security Program (DSP), pursuant to a final rule (Final Rule), which became effective on April 8, 2025....more
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
On April 16, attorneys general from seven states and a state agency announced that they were forming the Consortium of Privacy Regulators, a new effort to better protect consumers’ privacy. The Consortium consists of the...more
As if legal and compliance professionals had enough responsibilities on their plates, DOJ dropped another shoe (to join the tariffs, sanctions and export controls, and immigration issues) and upped the stakes for ethics and...more
What happens when data protection collides with the relentless pace of digital innovation? That’s the question the European Data Protection Board (EDPB) seemed to confront head-on in 2024, a year marked by unprecedented...more
Hello, everyone. My name is Allan Medina. I am a partner in Goodwin’s Washington, DC, office, with a practice focus on government investigations. I’m here with Liza Craig, who is also a partner in the DC office. We are...more
In today’s digital landscape, privacy policies have evolved from obscure legal documents into essential corporate governance tools. As data privacy regulations expand globally, organizations face increasing compliance...more
After years of proposed state privacy legislation, Massachusetts lawmakers are poised to once again consider enacting a comprehensive state consumer privacy law in the Commonwealth this legislative session. At a hearing of...more
As Oregon’s data privacy landscape continues to evolve, nonprofits must take note: the Oregon Consumer Privacy Act (OCPA) will apply to nonprofit organizations beginning on July 1, 2025. The grace period granted to nonprofits...more
Today, the HHS Office for Civil Rights (OCR) stands shoulder-to-shoulder with the likes of the Office of Inspector General and Office of General Counsel, one of just a dozen or so agencies reporting directly to the secretary....more
In honour of the International Association of Privacy Professionals (IAPP) London 2025 conference , we hosted a webinar on European privacy litigation. This post summarises some of the key UK privacy cases we covered in that...more
Artificial intelligence (AI) has made enormous strides in recent years and has increasingly moved into the public consciousness. Explore Trendscape Our take on the interconnected global trends that are shaping the business...more
This week in our March Privacy Forecast, we discuss privacy and data security enforcement trends at the state and federal levels. Particularly as state privacy laws continue to expand and evolve, companies should understand...more
Today’s post will address the limited publicity of some of the CCF’s decisions....more
A bipartisan coalition of 28 AGs filed an amicus brief supporting the FCC in its defense of its “one-to-one consent” Rule, which would close a consent loophole by requiring written consent from consumers for robocalls and...more
On February 21, 2025, representatives in the California legislature introduced California Assembly Bill 1355, also known as the California Location Privacy Act (“AB 1355”). AB 1355 seeks to amend the California Consumer...more
A groundbreaking law in Utah is poised to shake up how minors access apps. Earlier this month, Utah’s state legislature passed S.B. 142 (App Store Accountability Act), which requires major app store providers to verify users’...more
On January 20, the US Department of Homeland Security (DHS) rescinded 2021 guidelines that previously designated hospitals, clinics, and other health care facilities as “protected areas” and limited immigration enforcement...more
Colorado made history in May 2024 when it became the first state to adopt a comprehensive artificial intelligence (AI) consumer protection law. This landmark legislation has inspired other states, including Virginia, to...more
Déjà vu all over again: after Colorado and Virginia established competing standards for comprehensive privacy laws in 2021, history appears to be repeating itself in the artificial intelligence (AI) space. Virginia’s...more
The New York legislature passed its version of Washington’s My Health My Data Act (“WA MHMDA”) on January 22, 2025. Currently awaiting action by Governor Kathy Hochul, the New York Health Information Privacy Act (“NY HIPA”)...more