Rethinking Records Retention
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Following a German case brought against the EU Commission, the EU General Court found that the Commission had made an improper transfer of personal information to the US. The plaintiff, a German citizen, alleged (among other...more
On 3 January 2025, the Cyberspace Administration of China (“CAC“) released for public consultation the draft Measures for Certification of Personal Information Protection for Cross-Border Transfer of Personal Information...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
The Cyberspace Administration of China (“CAC”) on September 28, 2023 issued the draft Provisions on the Regulation and Promotion of Cross-Border Data Flows (“draft Provisions”), just one year after China’s data export...more
The UK and U.S. Governments have now formalized the UK-U.S. Data Bridge. The U.S. Attorney General designated the UK as a “qualifying state” for the purposes of the Executive Order 14086 on September 18, 2023, and the UK...more
A new framework has been adopted for data transfers between the European Union and the United States. But is it legally sound? On 20 September 2023, the European Commission’s new Adequacy Decision for companies in the...more
The Brazil Data Protection Agency (“ANPD”) on August 15, 2023 released a draft of the International Transfer of Personal Data Regulation (“Regulation Draft”) and the standard contractual clauses (“SCCs”) for public comment....more
Publications and Advisories - July 31, 2023 – Dave Brown, Kate Hanniford, Kim Peretti, Julia Mediamolle, Cara Peterman, Sierra Shear, Kristen Bartolotta, and Kezia Osunsade published “Securities Law, Securities Litigation,...more
On July 10, the European Union and the United States finalized the EU-U.S. Data Privacy Framework (DPF), an agreement that allows for the transfer of personal data from residents of the EU to certified companies in the U.S....more
On July 10th, the European Commission issued its Implementing Decision regarding the adequacy of the EU-UD Data Privacy Framework (“DPF”). The Decision has been eagerly awaited by US and Europe based commerce, hoping it will...more
On July 10, 2023, the European Commission adopted its adequacy decision on data transfers for the EU-U.S. (European Union/United States) Data Privacy Framework (DPF). The adequacy decision concluded that the United States...more
As of July 17, 2023, U.S.-based multinational employers that can access the personal data of their workforce members in the European Union (EU) via a human resources information system (HRIS), or otherwise transfer the...more
On July 10, 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (DPF). The decision concluded that the United States does ensure an adequate level of protection for transferring...more
On 10 July 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (the DPF). With immediate effect, the adequacy decision provides a new lawful basis for transfers from...more
On July 10, the European Commission (EC) published its data adequacy decision for the new EU-U.S. Data Privacy Framework (EU-U.S. DPF). This means that companies can transfer personal data from EU countries and from Iceland,...more
On July 10, 2023, the European Commission (“EC”) adopted its adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”). Nearly three years after the Court of Justice of the European Union (“CJEU”)...more
In a Nutshell - On 10 July 2023—nearly three years to the day after the Schrems II decision of the Court of Justice for the European Union (CJEU) (Schrems II Decision, see our Alert here)—the EU Commission has adopted the...more
What Happened? On July 10, 2023, the European Commission (‘EC’) adopted its long-awaited adequacy decision approving the EU-U.S. Data Privacy Framework (‘DPF’). By doing so, the EC is confirming that personal data...more
On June 29, 2023, the Cyberspace Administration of China ("CAC") and the Innovation, Technology and Industry Bureau of the Hong Kong Special Administrative Region ("Hong Kong") Government ("HKITIB") signed the Memorandum of...more
In this episode, partners Amigo Xie, Corey Bieber, and Whitney McCollum focus on the China Data Privacy laws, the recent China Standard Contract that took effect 1 June 2023, and the effects and restrictions it may have on...more
On 30 May 2023, the Cyberspace Administration of China (the “CAC”) published guidance for the use of the Standard Contractual Clauses applicable to international transfers of personal information from mainland China (the...more
The Cyberspace Administration of China (CAC) issued guidelines for organisations on filing the standard contract for the export of personal information (Guidelines) on 30 May 2023. Earlier this year, the CAC issued Standard...more
It shouldn’t come as a surprise that the European Data Protection Board (EDPB), through Ireland’s Data Protection Commission (DPC), issued another fine against a large US technology company. What may come as a surprise is the...more
It has been a long time coming, but the other shoe has finally dropped. Ireland’s Data Protection Commission (DPC) fined Meta Platforms Ireland (parent of Facebook Ireland) €1.2 billion, the highest fine to date under the...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more