FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
"Monsters Inc." y el tratamiento de los datos
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
AI Discrimination and Emerging Best Practices – Part 2 - The Good Bot Podcast
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
Recently, there has been an increase in individual rights activity across Europe, particularly organizations receiving Data Subject Access Requests (DSARs) from former employees. ...more
In a noteworthy step toward international privacy collaboration, the California Privacy Protection Agency (CPPA) has entered into a formal declaration of cooperation with the U.K. Information Commissioner's Office (ICO). This...more
As our world has grown more connected and digitalized, and as smart, data-driven devices — including those that form the Internet of Things (IoT) — have become more prevalent, regulators have begun to reframe how they address...more
This update provides an overview of the recent key publications, findings and reports issued during the last quarter....more
Recent Rulings Could Signal Expansion of California Consumer Privacy Right of Action - Judges in two separate cases in the U.S. Northern District of California (“N.D. Cal.”) recently ruled that class actions brought by...more
Are you using artificial intelligence in your business operations? Do you have AI embedded in the goods and services you offer customers? The regulatory framework applicable to AI continues to develop, including across US...more
Many financial services businesses are subject to legal or regulatory obligations that require them to verify the identity of their customers. Although innovative technological tools, including those using artificial...more
We are excited to welcome Mathilde Carle as a partner in Morgan Lewis’s Paris office and as a guest contributor to our Tech & Sourcing Spotlight series to discuss intellectual property (IP) protection and other related issues...more
As global learning experiences become more common in K–12 education, schools increasingly send staff and students abroad for cultural exchanges, academic competitions, service trips, and more. While these trips offer...more
In today’s fast-paced digital landscape, Artificial Intelligence (AI) is reshaping industries, unlocking new efficiencies, and enabling transformative business models. Companies leveraging AI to create applications or enhance...more
The possibilities in the Microsoft Copilot universe continue to expand. Discover the latest Copilot features and related risks you should know about along with guidance on how to better manage them....more
Kilpatrick’s Tony Glosson recently spoke at the German Accelerator New York City Cohort during the organization’s “Immersion Week.” He discussed recent developments in the ever-evolving legal landscape of U.S. data...more
Between January 14 and January 19, 2025, the Ministry of Information, Communications, and Technology (the "Ministry") held a consultation on a draft of Kenya's National Artificial Intelligence (AI) Strategy 2025-2030. This...more
On April 22, 2025, the EU Commission’s AI Office published draft guidelines to clarify the obligations in the EU AI Act for providers of general-purpose AI models (guidelines). These obligations will be applicable to AI...more
On April 21, 2025, Arkansas Governor Sarah Huckabee Sanders signed into law the Arkansas Children and Teens’ Online Privacy Protection Act (Act), which will become effective on July 1, 2026. It draws inspiration from the...more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
The 1:10:100 rule—coined in 1992 by George Labovitz and Yu Sang Chang, the rule describes how much bad data costs. Preventing the creation of bad data at its source costs $1. Remediating bad data costs $10. Doing nothing...more
On 15 April 2025, the Dutch Data Protection Authority (DPA) issued warnings to 50 organisations, including online retailers, media companies, and insurers, for deploying misleading cookie banners or unlawfully placing...more
On April 22, 2025, the AI Office within the EU Commission launched a multi-stakeholder consultation to assist in the preparation of guidelines aiming at clarifying the scope of the rules for providers of GPAI models in the AI...more
While the authorities’ publications on AI have recently tended to be in the area of data protection (such as the EDPB, which we covered here and here), the European Commission has recently published its first set of [draft]...more
Encryption is one of several cornerstones of a robust information security program. Articles on quantum computing often include the compelling narrative that encryption is at risk, but as with any revolutionary technology,...more
On April 14 2025, the European Data Protection Board (EDPB) announced the outcomes of its plenary session that took place on April 8 2025, during which the EDPB adopted draft Guidelines on processing of personal data through...more
A Durham County class action asks whether “My Chart,” a widely used portal that medical providers use to communicate with patients about test results, conditions, and treatments should more aptly be labeled “Our Chart.”...more
What happens when data protection collides with the relentless pace of digital innovation? That’s the question the European Data Protection Board (EDPB) seemed to confront head-on in 2024, a year marked by unprecedented...more
On April 14, 2025, the National Institute of Standards and Technology (NIST) released a draft update to the NIST Privacy Framework 1.1. The updates are meant to enhance organizations’ data governance and risk management and...more