No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
The U.S. Department of Justice (DOJ) is set to enforce its sweeping new rule on certain U.S. data transactions with countries of concern and covered persons as of July 9, 2025. The new rule regarding “Preventing Access to...more
The State Administration for Market Regulation and the Standardization Administration of China have jointly issued a new national standard applicable to companies conducting business in China, GB/T 45574-2025, Data Security...more
With the use of artificial intelligence (“AI”) becoming more pervasive every day, it should not surprise our readers that regulators are increasingly focused on the use of AI and its associated consumer data privacy...more
Pursuant to a newly effective U.S. Department of Justice (DOJ) regulation, the transfer and storage of certain sensitive U.S. government and personal data may be prohibited or restricted, depending on the intended recipient,...more
India’s Ministry of Electronics and Information Technology (MeitY) released in June 2025 a Business Requirement Document for Consent Management Under the DPDP Act, 2023 (BRD). The BRD, while not legally binding, provides...more
On 20 March 2025, the Nigeria Data Protection Commission (Commission), issued the General Application and Implementation Directive (GAID). The GAID serves as a regulatory framework for implementing the Nigeria Data...more
On May 26, the governor of Nevada enacted SB 44 to impose new duties on financial services providers in Nevada, aligning state requirements for safeguarding customer information with FTC standards in its safeguards rule (16...more
The Interim AI Measures is China's first specific, administrative regulation on the management of generative AI services. Laws/Regulations/National Standards directly regulating AI (the "AI Regulations") The Cyberspace...more
As questions of trust, surveillance, and data sovereignty become central to global trade, businesses face mounting pressure to prove not just compliance but true accountability. That’s why we turned to Constantine...more
Important changes are coming to 42 CFR Part 2 (Part 2), which deals with the confidentiality of patients’ substance use disorder (SUD) records. On April 16, 2024, the US Department of Health and Human Services (HHS) published...more
Health Insurance Portability and Accountability Act (HIPAA)-covered entities and business associates should be familiar with restrictions on the use or disclosure of protected health information (PHI) under HIPAA rules....more
On May 1, 2025, the California Privacy Protection Agency (CPPA) announced a major overhaul of its draft California Consumer Privacy Act (CCPA) regulations on automated decision-making, cybersecurity audits, risk assessments,...more
On April 11, 2025, the Department of Justice’s (DOJ) National Security Division (NSD) released an Implementation and Enforcement Policy, a Compliance Guide, and a list of over 100 Frequently Asked Questions (FAQs) to help...more
On April 24 2025, the French supervisory authority (CNIL) issued a draft recommendation to address challenges in collecting user consent for cookies and trackers across multiple devices (the Draft Recommendation). The new...more
On April 22, 2025, the Federal Trade Commission ("FTC") published the finalized amendments to the Children's Online Privacy Protection Act ("COPPA") Rule (the "Rule"), marking the first major update since 2013....more
On April 14, 2025, the National Institute of Standards and Technology (“NIST”) released draft updates to the NIST Privacy Framework, designed to address current privacy risk management needs, enhance usability, and align the...more
On June 23, 2025, businesses will face a new world of children’s privacy regulation, with amendments to the Children’s Online Privacy Protection Act (COPPA) imposing a host of requirements on operators. The sweeping new...more
On April 21, 2025, the Federal Trade Commission (FTC) finalized a significant and long-awaited update to the Children’s Online Privacy Protection Act (COPPA) Rule—the law’s first update since 2013. The revised Rule introduces...more
In a letter dated April 28, 2025, a group of US senators urged Federal Trade Commission (FTC) Chair Andrew Ferguson to examine and address the privacy risks associated with the growing market for consumer devices capable of...more
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
Could your routine data transfers now violate federal law? The DOJ’s new Data Security Program (DSP) targets the flow of U.S. sensitive personal and government data to foreign adversaries — and the clock is ticking. In this...more
As if legal and compliance professionals had enough responsibilities on their plates, DOJ dropped another shoe (to join the tariffs, sanctions and export controls, and immigration issues) and upped the stakes for ethics and...more
On April 22, 2025, the Federal Trade Commission (FTC) published the finalized amendments (Amendments) to the Children’s Online Privacy Protection Rule (COPPA Rule) that would impose additional restrictions on website and...more
As companies increasingly leverage automated technologies in their recruiting and hiring processes, legislators and regulators are increasingly focused on establishing guardrails to ensure fairness. As a result, companies...more