No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more
The U.S. Department of Justice (DOJ) is set to enforce its sweeping new rule on certain U.S. data transactions with countries of concern and covered persons as of July 9, 2025. The new rule regarding “Preventing Access to...more
Key Takeaways - - Texas’ new law governing artificial intelligence, which takes effect at the start of 2026, introduces both familiar and novel regulations on the use of AI by companies and government entities. - Provisions...more
On June 22, 2025, Texas Governor Greg Abbott signed into law the Texas Responsible Artificial Intelligence (AI) Governance Act (Texas AI Act). The Texas AI Act adopts a unique approach to regulating AI that has not been...more
On June 22, 2025, Governor Abbott signed the Texas Responsible Artificial Intelligence Governance Act (TRAIGA), which will take effect January 1, 2026. Any business or government agency working with AI in Texas should take...more
The Texas Responsible Artificial Intelligence Governance Act (TRAIGA), which was signed into law by Governor Greg Abbott on June 22, 2025, and is effective January 1, 2026, establishes a framework for regulating the...more
Cross-border marketing of products or services by an overseas company (a body corporate incorporated outside of Bermuda) to customers in Bermuda could be construed as carrying on business in Bermuda and, if so, would be...more
Executive Summary - The EU Data Act, whose requirements apply from 12 September 2025, establishes new rights for businesses and consumers to access data they generated using “connected devices,” limiting the exclusive...more
This post is one in a series where we discuss the US Department of Justice’s (DOJ’s) bulk sensitive data rule (rule), which prohibits individuals or entities from certain foreign countries, including China, from accessing...more
On June 22, 2025, Texas Governor Greg Abbott signed the Texas Responsible Artificial Intelligence Governance Act (TRAIGA or the Texas AI Act) into law. The new law goes into effect January 1, 2026. The law places obligations...more
The Interim AI Measures is China's first specific, administrative regulation on the management of generative AI services. Laws/Regulations/National Standards directly regulating AI (the "AI Regulations") The Cyberspace...more
The European Union Artificial Intelligence Act (EU AI Act) is rapidly reshaping the regulatory landscape for AI development and deployment, both within Europe and globally. In a recent Cooley webinar, partner Patrick Van...more
In today's world, violations of individual privacy and secret disclosure are a serious problem. It may be eavesdropping, interception, recording, and the spreading of personal information without the consent of the other...more
On May 8, Montana Governor Greg Gianforte signed into law Senate Bill 297 (SB 297), a bill that significantly revises the existing Montana Consumer Data Privacy Act (MCDPA). Although the MCDPA took effect on October 1, 2024,...more
Important changes are coming to 42 CFR Part 2 (Part 2), which deals with the confidentiality of patients’ substance use disorder (SUD) records. On April 16, 2024, the US Department of Health and Human Services (HHS) published...more
After a relatively slow start to 2025, the California Privacy Protection Agency (CPPA) is firing on all cylinders now. In recent weeks, the CPPA (i) revised the proposed Delete Request and Opt-out Platform (DROP) regulations...more
On April 16, regulators from California, Colorado, Connecticut, Delaware, Indiana, New Jersey, and Oregon announced the creation of the Consortium of Privacy Regulators, a new collaborative effort focused on the...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
What's Changed? The U.S. Department of Justice (DOJ) published a Data Security Program (DSP), pursuant to a final rule (Final Rule), which became effective on April 8, 2025....more
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
As if legal and compliance professionals had enough responsibilities on their plates, DOJ dropped another shoe (to join the tariffs, sanctions and export controls, and immigration issues) and upped the stakes for ethics and...more
What happens when data protection collides with the relentless pace of digital innovation? That’s the question the European Data Protection Board (EDPB) seemed to confront head-on in 2024, a year marked by unprecedented...more
After years of proposed state privacy legislation, Massachusetts lawmakers are poised to once again consider enacting a comprehensive state consumer privacy law in the Commonwealth this legislative session. At a hearing of...more
Today, the HHS Office for Civil Rights (OCR) stands shoulder-to-shoulder with the likes of the Office of Inspector General and Office of General Counsel, one of just a dozen or so agencies reporting directly to the secretary....more
Artificial intelligence (AI) has made enormous strides in recent years and has increasingly moved into the public consciousness. Explore Trendscape Our take on the interconnected global trends that are shaping the business...more