Podcast - ¿Es posible borrar tu pasado online? Análisis legal
The Data Diva Talks Privacy AI and Governance
Moving Beyond Checkbox Diligence with SOC Reports
DOJ’s Bulk Sensitive Data Transfer Rule: Key Insights for Health Care Compliance Teams – Diagnosing Health Care
Podcast - Registro de infieles: ¿Violación de datos personales?
Data Management Essentials for Businesses
AI Exacerbates Data Minimization Challenges
Point-of-Sale Finance Series: Privacy, Breaches, and Data Monetization — The Consumer Finance Podcast
The Briefing: Part Two: CCPA’s New Rules on Risk Assessments and Cybersecurity Audits
We get AI for work™: Preparing Real-World Healthcare Environments for an AI-Driven Future
Podcast - The Datasphere: Governing Data Beyond Borders
The Privacy Insider Podcast Episode 22: The Data Privacy of the Dead & Critiquing the Digital Divine with Carl Öhman of Uppsala University
Navigating Employee Data Responsibly: What’s the Tea in L&E?
We get AI for work™: Analyzing "Brewer v. Otter.ai" — A Case Study of the Legal Risks of AI Note Takers
We get Privacy for work — Episode 13: Demystifying Data Mining
The Privacy Insider Podcast Episode 21: What Businesses Get Wrong About Regulators and How to Fix Privacy Fast
AI's Impact on Litigation
Cybersecurity Insights for the Sandwich Generation with Dan Krutoy
The Down-Low on Data for Value-Based Enterprises and Their Participating Providers – Diagnosing Health Care Video Podcast
42 CFR Part 2 Final Rule: What’s Changing and What Do You Need to Know? – Diagnosing Health Care Video Podcast
Starting January 1, 2027, many companies will be subject to a new comprehensive privacy law in Louisiana. The state just adopted SB386, which applies to companies that have more than $25 million in revenue or satisfy other...more
An increasing number of our clients, particularly professional athletes, public figures, and other high-profile, high-net-worth individuals, are expressing heightened concerns regarding privacy, asset protection, and exposure...more
Eight years ago, on 25 May 2018, the General Data Protection Regulation (GDPR) became applicable across the European Union (EU). Organisations scrambled to update their privacy notices and data mapping exercises, and...more
This article catalogs the principal categories of risk that corporate counsel should evaluate, with concrete examples and an eye toward the contract levers that can mitigate each one. Data is the fuel for AI systems, and the...more
As summer temperatures rise, so too does the heat around federal privacy and cybersecurity enforcement. US Congress may still be struggling to pass a comprehensive federal privacy law, but businesses should not mistake...more
In today's world, when many of our most cherished memories and our most important financial and legal documents are stored on our phones, taking a moment to protect access to that information is more important than ever. If...more
Artificial intelligence (AI) offers clear efficiencies, but government contractors should proceed with caution before inputting protected documents, confidential information, or dispute-related facts into consumer AI tools in...more
Two courts in 2026 have allowed CCPA claims to proceed based on adtech use without addressing whether adtech discloses “personal information” under the CCPA - According to plaintiffs’ interpretation of a May 2026 decision...more
The protection of children online, including the safeguarding of their personal data, has emerged as a key regulatory focus in the UK, with the Government facing sustained pressure to address concerns about children’s safety...more
Can disclosing a patient’s email address to others in an email chain be considered a breach under HIPAA? Yes, it may, depending on the particular facts involved. If a medical practice or other covered entity has only...more
The 2026 legislative cycle reveals that state privacy law is diverging along partisan lines. Red-state legislatures are pursuing frameworks that retain the Virginia architecture while easing compliance burdens through broader...more
Consent requires a positive opt in; pre ticked boxes or implied consent are insufficient. Consent must be granular, unbundled from other terms and clearly distinguishable from general contractual acceptance....more
Children's privacy is once again the focus of attention from privacy authorities. The Office of the Privacy Commissioner of Canada (OPC), along with data protection and privacy authorities from around the world, recently...more
A new report by Wired states that customer data from “more than 350 hotels around the world may have been accessed as part of realistic reservation-hijacking scams.” According to the report, travelers’ information and booking...more
A publicly disclosed and widely unpatched zero-day vulnerability, named YellowKey, permits anyone with physical access to a device running Windows 11 or Windows Server 2022/2025 to bypass BitLocker full-disk encryption...more
As laws and market expectations regarding AI continue to evolve, so do contracting considerations associated with AI-enabled products and services. While contract language permitting vendors to use customer data for...more
Regulations proposed in June 2025 to implement the New Jersey Data Privacy Law expired on June 2, 2026, when the regulations were not adopted within a year of the proposal. The path forward for future rulemaking to implement...more
Law No. 2026-403 of 26 May 2026 on the simplification of economic activity introduces several measures that have long been awaited by stakeholders in the healthcare sector. Against a backdrop of increasing competition among...more
Cyber incidents are increasingly giving rise to complex, long‑tail litigation risk, particularly for financial services firms. As regulators place growing emphasis on operational resilience, outsourcing governance and...more
If you are a Signal user, be on the alert for a new phishing campaign that attempts to steal recovery keys used to access cloud backups. If successful, the attackers could have access to entire message archives,...more
Just over a year after Delaware’s privacy law took effect, state lawmakers are close to expanding its reach by passing a bill that could soon cover more businesses, narrow a key exemption, and expand the definition of...more
Same privacy playbook, bigger audience: Louisiana’s new law expands coverage because it applies to any company with more than $25 million in revenue. With a fast-approaching effective date and a short cure period, now is the...more
Quantum computing has moved from the laboratory into the national security conversation — and the regulatory landscape is shifting fast....more
A growing body of law indicates that inputting proprietary information into public artificial intelligence tools may undermine the reasonable measures and confidentiality requirements that are central to trade secret...more
With the publication in the Official Gazette on June 1, 2026 of Legislative Decree No. 96 of 7 May 2026, Italy has become one of the first EU member states to formally implement the EU Pay Transparency Directive...more