No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
On June 5, 2025, the UK’s Information Commissioner’s Office (ICO) fined 23andMe £2.31 million (~$3.1 million). The fine was for failing to implement adequate security measures to protect the personal data of over 155,000 UK...more
ComplexDiscovery’s Editor’s Note: This recent €310 million fine imposed on LinkedIn by Ireland’s Data Protection Commission (DPC) marks a powerful moment in GDPR enforcement, underlining the regulatory rigor facing global...more
Dutch data privacy officials recently imposed a staggering penalty on Uber – €290 million ($324 million) – for allegedly breaching the European Union’s comprehensive data privacy and security law. This groundbreaking fine is...more
Warum ist das relevant? Bei Verstößen gegen das Datenschutzrecht drohen Unternehmen insbesondere zwei Konsequenzen: Maßnahmen der Datenschutzaufsichtsbehörden inkl. möglicher DSGVO-Geldbußen nach Art. 83 DSGVO sowie...more
The Information Commissioner's Office (the "ICO") has clarified the methods it will use to calculate the fines it will issue for breaches of data privacy law in the UK by publishing its latest Data Protection Fining Guidance...more
Die europäischen Datenschutzbehörden haben eine koordinierte Prüfaktion mit Fokus auf das Auskunftsrecht gem. Art. 15 DSGVO gestartet. Dabei handelt es sich um eines der in der Praxis bedeutsamsten Datenschutzrechte, gerade...more
Warum ist das relevant? Die bisherige deutsche Rechtslage ging davon aus, dass die bloße Feststellung eines Datenschutzverstoßes durch ein Unternehmen für die Verhängung einer Geldbuße nicht ausreichend war. Vielmehr musste...more
Easily track, manage, archive, and audit consumer data requests, subject access requests (SARS), and other processes needed to keep your company compliant. In an era of increasing scrutiny and activity surrounding data...more
On January 19, the Irish Data Protection Commission (DPC) announced the conclusion of an inquiry into the data processing practices of a U.S.-based messaging service’s Ireland operations and fined the messaging service €5.5...more
Ireland’s Data Privacy Commissioner will reportedly fine Instagram for its handling of children’s data. According to an investigation that began in 2020, Instagram published emails and phone numbers for children ages 13 to 17...more
This year has seen further record GDPR fines levied by Data Protection Authorities, however, a second “under the radar” risk exists—namely, being sued for damages. Today we saw a sea-change case (Lloyd v Google) ruling by...more
On September 2, 2021, EU regulators fined Facebook-owned chat service, WhatsApp, £225 million (around $266 million) for failing to fully disclose its user data collection and sharing practices. This is the second largest fine...more
Last Friday, China passed the world’s harshest data privacy law, threatening violators with fines of up to 50 million Yuan (or about $7.7 million at the time of publication) or 5% of annual revenue. The Personal Information...more
his week sees a key hearing before the UK Supreme Court in the case of Lloyd v Google, an event long awaited by those familiar with data protection law proceedings in Europe. The case concerns the so-called “safari...more
First we take Sacramento, then we take Berlin: How do US data protection laws affect how you do business. The webinar is aimed at in-house or outside counsel, as well as data protection and compliance officers. In this...more
The Spanish Data Protection Agency (“Spanish DPA”) decided to start 2021 the same way it ended 2020: by imposing the highest fines to date (EUR 5,000,000 and 6,000,000) to two large Spanish financial entities. ...more
On November 3, California voters passed the California Privacy Rights Act, a ballot initiative that substantially amplifies data privacy oversight for qualifying enterprises doing business in California. Although it builds...more
The California Consumer Privacy Act: The Next Frontier - The California Consumer Privacy Act (CCPA) has been called the beginning of America’s GDPR. As the most comprehensive privacy law in the United States, entities...more
In this episode of OnRisk, Lucas Tanglen and Jeff Meagher discuss the cyber insurance implications of the European Union’s new privacy regulation—the General Data Protection Regulation or GDPR. The GDPR, which took effect on...more
On 21 January 2019, the French Data Protection Authority (the “French DPA”) fined Google LLC 50 million euros for breach of the GDPR. As we reported on this blog, just after GDPR became applicable, noyb.eu (None of Your...more
With enactment of the Personal Information Protection Act (PIPA), Bermuda can now count itself among the ever-expanding list of jurisdictions with enhanced privacy protections. PIPA, passed on July 27, 2016, and entered into...more
The European Commission's proposed e-privacy regulation sets forth obligations on handling electronic communications and clarifies obligations for seeking consent for the use of cookies. Meant to bring the e-privacy directive...more