Rethinking Records Retention
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
As we look back at 2024 and what the new year might bring in the data privacy space, one particular aspect stands out as a focus: youth online privacy and safety. ...more
Oh say, can you see, Part 5 in our Washington My Health My Data Act series? This is the fifth installment in our series on the Washington My Health My Data Act (“WMHMDA”)....more
Montana is the ninth state to enact a comprehensive consumer data privacy law - Montana Governor Greg Gianforte signed the Montana Consumer Data Privacy Act (MTCDPA) on May 19, 2023, after unanimous passage through the...more
One internet search of the CCPA or the CPA reveals a plethora of articles outlining standard data protection requirements under those laws, from privacy notice requirements to new mandatory contractual provisions. But the...more
By now, most businesses are aware of the growing requirements to provide notice to consumers regarding how a business uses and discloses personal information. In addition to existing regulations, five new privacy laws will go...more
Consent is newly defined by the California Privacy Rights Act (CPRA). While this new definition of consent—which highlights specific, informed, and freely-given actions—closely aligns with the European Union’s General Data...more
Enforcement of the California Consumer Privacy Act (CCPA) began July 1, 2020. Our privacy team at Troutman Pepper includes several attorneys who worked in an attorney general’s office. This privacy regulatory team has...more
The California Consumer Privacy Act (CCPA) has forced companies across the United States (and even globally) to seriously consider how they handle the personal information they collect from consumers. By its terms, however,...more
With less than a year remaining before Brazil's General Data Protection Law (referred to as the LGPD) takes effect, HR professionals should start preparing. Originally Published in of SHRM - January 2020....more
Last week, Maine enacted an internet privacy law requiring broadband internet service providers (ISPs) to obtain a customer’s express, affirmative consent before using their personal information, including browsing history....more
Wikipedia defines privacy as “the ability of an individual or group to seclude themselves, or information about themselves, and thereby express themselves selectively. The boundaries and content of what is considered private...more
The European Union’s General Data Protection Regulation (GDPR) came into force on May 25, 2018. To assist Canadian organizations with their potential compliance efforts with respect to this legislation, the following is...more
The Federal Trade Commission (FTC) has announced that it has settled its Complaint against operators of the lead generation business Global Media, LLC and its CEO Christopher Kay for $104 million. The judgment has been...more
The European Commission's proposed e-privacy regulation sets forth obligations on handling electronic communications and clarifies obligations for seeking consent for the use of cookies. Meant to bring the e-privacy directive...more
As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more
A new privacy law requires companies to make specific statements about what information is collected on its website. Like California, it also requires that companies state in writing whether they respect “Do Not Track”...more
As I reported earlier today, the Court of Justice of the EU (ECJ) has declared Safe Harbor invalid. The full decision is now available online in English (other languages also available at curia.europa.eu by searching on...more
The initial reports of the ECJ’s decision in the Schrems Safe Harbor case (C-362/14) indicate that the Court of Justice of the EU has declared Safe Harbor invalid and sent the case back to the Irish Data Protection Authority...more
On September 1, 2015, the Digital Advertising Alliance ("DAA") began enforcing the application of its Self-Regulatory Principles for Online Behavioral Advertising and Multi-Site Data (the "OBA Principles", the "MSD...more
Recent enforcement actions by the Bavarian Data Protection Authority (DPA) [Bayerisches Landesamt für Datenschutzaufsicht] highlight the importance of severe restrictions placed on the transfer of such data, even in the...more
Parties to transactions involving personal data in Europe are well-advised to investigate whether individual consent or the offer of opt-outs are required to avoid the risk of fines and other sanctions imposed by the DPA or...more
Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) has been amended by The Digital Privacy Act (the “DPA”). DPA updates PIPEDA and modernizes Canadian data privacy and security law. DPA is now...more