Rethinking Records Retention
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Online retailers now face an increasingly complex matrix of state consumer-privacy statutes that impose prescriptive requirements on data collection, monetization, and cybersecurity practices. ...more
China rolled out its “new,” streamlined cross-border data transfer (CBDT) regime on March 22, 2024, with the issuance by the Cyberspace Administration of China (CAC) of the Provisions on Facilitating and Regulating...more
Businesses should expect to see “increased enforcement” from the California Privacy Protection Agency now that the agency has had four years to staff up and implement rules, the CPPA’s executive director said in an interview...more
In today's world, violations of individual privacy and secret disclosure are a serious problem. It may be eavesdropping, interception, recording, and the spreading of personal information without the consent of the other...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
The New York legislature passed its version of Washington’s My Health My Data Act (“WA MHMDA”) on January 22, 2025. Currently awaiting action by Governor Kathy Hochul, the New York Health Information Privacy Act (“NY HIPA”)...more
Dark Patterns come into focus as the California Privacy Protection Agency (CPPA) issues September 4 Enforcement Advisory. Recently, I attempted to cancel a digital subscription. While I expected the cancellation function...more
Senator Maria Cantwell (D-Washington) and Representative Cathy McMorris Rodgers (R-Washington) have presented a draft of a federal data privacy law, the American Privacy Rights Act (APRA). APRA would largely preempt the...more
Since 2011, I’ve attended the International Association of Privacy Professionals’ Global Privacy Summit in Washington, D.C. Each year one session gets everyone talking; this year the honor went to “Direct Insights from U.S....more
The news that California regulators can immediately begin enforcing new data privacy regulations will have an outsized impact on the PEO community. A surprise February 9 decision from a state appeals court pressed...more
For companies that slow-tracked their California compliance activities because of the tentative March 29, 2024 effective date due to the pending appeal on the regulation enforcement timeline, it is now time to prioritize...more
A decision by California's Third District Court of Appeal has allowed the California Privacy Protection Agency (CPPA) to resume enforcement efforts. On February 9, 2024, the Court overturned a California Superior Court...more
With the new year underway, and enforcement looming, it is more important than ever to ensure your organization is compliant with the California Privacy Rights Act (CPRA)—the amendment to the California Consumer Privacy Act...more
In 2019, the US data privacy framework changed significantly with the emergence of the California Consumer Privacy Act which created a significant compliance burden for most businesses that collect personal information about...more
On July 13, 2023, The Washington Post broke the news that the Federal Trade Commission (FTC) had issued a Civil Investigative Demand (CID) — a sort of a pre-litigation subpoena as part of what is supposed to be a nonpublic...more
On July 10, 2023, the European Commission announced that it had adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF). This long-awaited decision means that for the first time since the EU-U.S...more
To paraphrase what Ben Franklin may have been alluding to nearly 300 years ago in his famous quote, often the best approach when it comes to reducing the risk of litigation and government enforcement proceedings is to take...more
Washington State and Nevada have now passed health data privacy laws that impose obligations relating to the collection, processing, and sharing of “consumer health data.” Both laws (collectively, State Health Data Privacy...more
In June, Texas became the tenth state with a comprehensive privacy law. The Texas Data Privacy and Security Act (“TDPSA”) contains familiar provisions from other state privacy laws regulating the collection, use, processing,...more
On June 30, 2023, a California court enjoined until March 29, 2024, enforcement of the final regulations implementing the California Privacy Rights Act (CPRA). Importantly for employers, this ruling prevents enforcement of...more
Texas recently became the tenth state to pass a comprehensive consumer data privacy law when its legislature voted in favor of the Texas Data Privacy and Security Act (TDPSA). The bill was signed by Governor Greg Abbott on...more
Iowa has become the sixth state in the country to enact a comprehensive consumer privacy law, joining California, Virginia, Colorado, Connecticut, and Utah. The “Relating to Consumer Data Protection, Providing Civil...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
American Data Privacy and Protection Act would require organizations to limit collection of personal information, grant consumers access to their own data, enhance data protections for children, mandate implementation of...more