Rethinking Records Retention
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
Vermont recently adopted the Vermont Age-Appropriate Design Code Act, which goes into effect on January 1, 2027. The law is enforceable by the Vermont Attorney General as an unfair or deceptive act or practice. The Attorney...more
With the use of artificial intelligence (“AI”) becoming more pervasive every day, it should not surprise our readers that regulators are increasingly focused on the use of AI and its associated consumer data privacy...more
The intersection of privacy, cybersecurity, and AI is reshaping risk and regulation in fintech. In a recent episode of The Fintech and Blockchain Podcast, our team explored how fast-moving developments—from AI-powered...more
On June 2, the New Jersey Division of Consumer Affairs (Division) published proposed regulations to implement the New Jersey Data Privacy Act (NJDPA). Of note, these rules were proposed months after the NJDPA went into effect...more
Utah Governor Spencer J. Cox signed three state AI bills into law that took effect May 7, 2025. These laws require businesses to make “you’re talking to a bot” disclosures and comply with privacy requirements when using AI in...more
In April, the Office of the Connecticut Attorney General (OAG) released an updated enforcement report under the Connecticut Data Privacy Act (CTDPA) to highlight privacy enforcement actions taken in 2024....more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
On April 16, 2025, a coalition of state attorneys general and privacy regulators from California, Colorado, Connecticut, Delaware, Indiana, New Jersey, Oregon, and the California Privacy Protection Agency (CPPA) announced the...more
On May 26, the governor of Nevada enacted SB 44 to impose new duties on financial services providers in Nevada, aligning state requirements for safeguarding customer information with FTC standards in its safeguards rule (16...more
While Artificial Intelligence (AI) has emerged as groundbreaking and significantly impacting various sectors and enhancing quality of life, the chasm between technological advancements and the law is growing by the...more
A new wave of state consumer privacy laws focused on limiting data collection is creating anxiety among businesses—and Maryland is leading the charge. The Maryland Online Data Privacy Act (MODPA), set to take effect in...more
Last May, Colorado Governor Jared Polis signed into law amendments to the Colorado Privacy Act ("CPA") that impose new obligations governing the collection, processing, retention, and disclosure of Coloradans' biometrics. The...more
Montana recently revised its Genetic Information Privacy Act to address neural data. The law went into effect in 2023, and applies to both entities that offer genetic testing services as well as entities that use genetic...more
Montana’s amendments also remove the cure period for alleged violations beginning in October, provide prescriptive methods through which businesses have to provide consumers with targeted advertising opt out rights, and...more
On May 8, 2025, the governor of Montana signed into law SB 297, which amends the Montana Consumer Data Privacy Act (MCDPA). The amendments become effective on October 1, 2025. Among other things, SB 297: • amends the...more
Organizations must continuously review and refine their data governance strategies to keep pace with a regulatory environment that is shifting at an unprecedented rate. In response to mandates for stronger compliance...more
Effective July 1, 2025, Tennessee enters the national privacy conversation with the Tennessee Information Protection Act (TIPA), becoming the latest state to enact a comprehensive consumer data privacy law. However, this...more
On May 8, Montana Governor Greg Gianforte signed into law Senate Bill 297 (SB 297), a bill that significantly revises the existing Montana Consumer Data Privacy Act (MCDPA). Although the MCDPA took effect on October 1, 2024,...more
Below, we catalog certain current state laws regulating the development and use of AI systems and technologies passed between 2019 and 2025. This list focuses on legislative initiatives that have passed and are in effect or...more
As summer approaches, three new state comprehensive privacy laws are poised to take effect, raising the number of states with effective comprehensive privacy legislation in the US to sixteen (with more to come in 2026). The...more
In this crossover episode of The Consumer Finance Podcast and Regulatory Oversight, Chris Willis, Kim Phan, and Stephen Piepgrass provide insights on a new joint privacy task force among several state AGs, known as the...more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Virginia Governor Signs Bill Restricting Minor’s Use of Social Media:...more
On May 1, 2025, the California Privacy Protection Agency (CPPA) announced a major overhaul of its draft California Consumer Privacy Act (CCPA) regulations on automated decision-making, cybersecurity audits, risk assessments,...more
On May 1, the California Privacy Protection Agency (CPPA) Board held a meeting to discuss proposed amendments to the CPPA draft regulations on cybersecurity audits, risk assessments and automated decision-making technology...more
Montana’s governor signed Senate Bill 297 to overhaul key portions of the state’s Consumer Data Privacy Act and bring new protections for minors. The changes bring lower thresholds, updated exemptions, expanded notice...more