When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Back to School: 3 Essential Employee Trainings
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
Safeguard your Business: Dinsmore's Craig Horbus on Combatting the Rising Threat of ACH Fraud
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
It's Time to Think About Data Mapping Differently
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
The landmark $1.4 billion settlement reached by the state of Texas and a social media company to settle allegations that the company’s platform unlawfully scanned the faces of millions of users in Texas serves as a warning to...more
What You Need To Know In A Minute Or Less - Beginning in 2023, courts across the United States have grappled with a wave of lawsuits challenging the legality and use of generative artificial intelligence (AI) systems and...more
Washington's My Health My Data Act (MHMDA) goes into effect on March 31, 2024, for most entities subject to the law. The MHMDA imposes new notice and consent requirements for the processing of "consumer health data," with...more
2023 brought a surge of data privacy developments, with a large expansion of state comprehensive privacy laws, litigation of new claims based on older laws (e.g. wiretapping and VPPA cases), increased scrutiny on data...more
In the latest example of privacy laws being stretched to fit new digital technologies, plaintiffs have begun to file a flurry of suits alleging that retailers are using pen register and trap-and-trace software to illegally...more
In the wake of the landmark Dobbs v. Jackson Women’s Health Organization decision, state consumer health data laws have emerged as a critical focal point in the rapidly evolving landscape of how consumer health data will be...more
Oh say, can you see, Part 5 in our Washington My Health My Data Act series? This is the fifth installment in our series on the Washington My Health My Data Act (“WMHMDA”)....more
Montana is the ninth state to enact a comprehensive consumer data privacy law - Montana Governor Greg Gianforte signed the Montana Consumer Data Privacy Act (MTCDPA) on May 19, 2023, after unanimous passage through the...more
One internet search of the CCPA or the CPA reveals a plethora of articles outlining standard data protection requirements under those laws, from privacy notice requirements to new mandatory contractual provisions. But the...more
Recent findings by the Office of the Privacy Commissioner of Canada (“OPC”) found that Home Depot of Canada Inc. (“Home Depot”) did not obtain valid meaningful consent to share summary purchase information with Meta Platforms...more
By now, most businesses are aware of the growing requirements to provide notice to consumers regarding how a business uses and discloses personal information. In addition to existing regulations, five new privacy laws will go...more
DAL Global Services LLC , an aviation ground handling service provider, was hit with a proposed biometric privacy class action in April of this year in the U.S. District Court for the Northern District of Illinois. ...more
Session Replay Software is a type of software typically utilized by businesses with consumer-facing websites. These businesses are typically very interested in making their website more interactive and responsive to consumer...more
Consent is newly defined by the California Privacy Rights Act (CPRA). While this new definition of consent—which highlights specific, informed, and freely-given actions—closely aligns with the European Union’s General Data...more
On Thursday, September 17, Senate Commerce Committee Chairman Roger Wicker (R-MS) and other Committee Republicans introduced a finalized version of their long-awaited data privacy legislation, which was first unveiled as a...more
After what seemed like a set of fits and starts for the California Consumer Privacy Act (CCPA), which went into effect on January 1, 2020, California Attorney General Xavier Becerra announced the approval of the final...more
Enforcement of the California Consumer Privacy Act (CCPA) began July 1, 2020. Our privacy team at Troutman Pepper includes several attorneys who worked in an attorney general’s office. This privacy regulatory team has...more
The California Consumer Privacy Act (CCPA) has forced companies across the United States (and even globally) to seriously consider how they handle the personal information they collect from consumers. By its terms, however,...more
With less than a year remaining before Brazil's General Data Protection Law (referred to as the LGPD) takes effect, HR professionals should start preparing. Originally Published in of SHRM - January 2020....more
An Illinois employee of Power Solutions International Inc. (Power Solutions) filed suit against his employer alleging violations of the Illinois Biometric Information Privacy Act (BIPA) when Power Solutions collected his...more
Tell me don’t sell me. In a new settlement order with the Federal Trade Commission, Unrollme was ordered to notify all its active users of the fact that it accesses or collects email purchase receipts for use in market...more
This week, the FTC entered into a proposed settlement with Unrollme Inc. (“Unrollme”), a free personal email management service that offers to assist consumers in managing the flood of subscription emails in their inboxes....more
Last week, Maine enacted an internet privacy law requiring broadband internet service providers (ISPs) to obtain a customer’s express, affirmative consent before using their personal information, including browsing history....more
On October 4, 2018, Internet of Things (“IoT”) device manufacturer Vizio Inc. agreed to settle (subject to court approval) a consolidated class action lawsuit alleging that the smart TV maker collected and sold customers’...more
Companies doing business in Illinois should consider getting up to speed on the Illinois Biometric Information Privacy Act (BIPA)....more