Great Women in Compliance - Compliance as a Product Differentiator with Susan Cooper
State Law Privacy Video Series | Privacy and Sensitive Information
State Law Privacy Video Series | Healthcare Entities and Health Data
State Law Privacy Video Series | Employee Exemptions
State Law Privacy Video Series | Applicability
Privacy Talk | The New Swiss Data Protection Act
At long last, on November 13, 2025, India’s Ministry of Electronics and Information Technology (MeitY) released the Digital Personal Data Protection Rules (Rules), which operationalize the Digital Personal Data Protection...more
The Philippines’ National Privacy Commission (NPC) has directed Tools for Humanity (Worldcoin) to stop processing biometric data, emphasizing that biometric information is not a commodity for trade....more
In today’s episode, Lisa Fine speaks with Susan Cooper, Vice President of Regulatory Compliance Programs and Global Data Protection Officer at Meta, discussing her approach to compliance in the technology sector. Susan...more
The English Court of Appeal has handed down an important judgment in Farley v. Paymaster (Equiniti) [1] on when compensation may be claimed for nonmaterial damage (such as distress or anxiety) arising out of breaches of the...more
In this short series of podcasts, senior knowledge lawyer, Emma Keeling, and A&O Shearman’s data consultant and former ICO Deputy Commissioner, Steve Wood, take a look at some of the key data protection and e-privacy aspects...more
In response to the UK’s new Data (Use and Access) Act 2025 (DUA Act) coming into force, the UK Information Commissioner (ICO) has launched two public consultations. The consultations, which aim to shape final guidance on...more
The UK Data (Use and Access) Act 2025, which came into force on 19 June 2025 and will be implemented in a phased approach, marks a significant shift in the United Kingdom’s approach to data regulation....more
The Personal Information Protection Act (PIPA) is a critical framework for protecting individuals’ personal information in Bermuda. Under PIPA organisations are required to adhere to several key principles, including ensuring...more
Claims involving the alleged collection and use of consumer data continued to drive trends in privacy class actions and mass arbitrations in 2024. Biometrics Litigation - The Illinois Biometric Information Privacy Act...more
Under the banner of strengthening consumer data protection, Texas is ramping up enforcement of its comprehensive data privacy act, sending a nationwide signal that Texas is serious about safeguarding the personal data of...more
U.S. privacy law continued to expand in 2024, both geographically and substantively. We now have 19 states with comprehensive consumer privacy laws (some of which are already in effect, while others become effective in...more
On November 14 2024, the Constitutional Court of Chile approved Bill No. 11144-07, regulating the protection and processing of personal data and creating the Personal Data Protection Agency, and Bill No. 11092-07, regulating...more
On June 29, 2024, Rhode Island’s governor signed the Rhode Island Data Transparency and Privacy Protection Act (RIDTPPA) into law. The RIDTPPA will go into effect January 1, 2026. The law generally aligns with other...more
Q1 Is there scope to use AI in commercial contracts? Will it save time, or ultimately cost more time in review and pose greater risk?...more
Signed into law at the beginning of 2024, colloquially known as the New Jersey Data Protection Act (NJDPA), N.J. Stat. § 56:8-166.4 et seq. will go into effect on January 15, 2025, as New Jersey joins eighteen other states...more
On September 13, 2024, the Colorado Attorney General’s office (the Colorado Department of Law) proposed draft amendments (draft regulations) to its Colorado Privacy Act (CPA) regulations, which took effect in 2023. The draft...more
Malaysia is in the process of updating its Personal Data Protection Act to align more closely with laws in other jurisdictions. The law was originally passed in 2010 and then modified this year. As part of the modification...more
In an era defined by rapid digital transformation and heightened concerns over personal data security, the landscape of consumer data privacy laws in the United States has evolved significantly. As of this writing, a...more
On June 28, the Rhode Island Data Transparency and Privacy Protection Act (DTPPA) was enacted without Governor Dan McKee’s signature, making Rhode Island the twentieth state to enact comprehensive consumer data privacy...more
On May 24, 2024, Minnesota’s governor signed the 18th comprehensive state privacy law since California enacted the first comprehensive data privacy legislation in 2018. The Minnesota Consumer Data Privacy Act (“MCDPA”) will...more
Rhode Island became the latest state to enact comprehensive data privacy legislation, when the Rhode Island Data Transparency and Privacy Protection Act (the "Rhode Island Data Privacy Act") passed into law on June 28, 2024....more
On May 24 2024, Senate Bill 4757, a bill for an act relating to commerce containing the Minnesota Consumer Data Privacy Act (the 'Act'), was approved by the Governor of Minnesota. The Act, which becomes effective on July 31...more
On May 19, 2024, the Minnesota Legislature passed a comprehensive privacy bill, sending the Minnesota Consumer Data Privacy Act (MCDPA) to Governor Tim Walz’s desk for signature into law. The law, which would take effect...more
In September 2023, Delaware became the seventh state in 2023 to enact comprehensive privacy law with the Delaware Personal Data Privacy Act (DPDPA), joining Indiana, Iowa, Montana, Oregon, Tennessee and Texas. The DPDPA will...more
In April, House Committee on Energy and Commerce Chair Cathy McMorris Rodgers (R-WA) and Senate Committee on Commerce, Science and Transportation Chair Maria Cantwell (D-WA) introduced the American Privacy Rights Act of 2024...more