FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
"Monsters Inc." y el tratamiento de los datos
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
AI Discrimination and Emerging Best Practices – Part 2 - The Good Bot Podcast
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
On April 28 2025, the Court of Justice of the European Union (CJEU) published an updated version of the fact sheet (the Fact Sheet) summarising key case law on protection of personal data. The Fact Sheet covers the case law...more
While Andrew Ferguson advocates for a restrained regulatory approach at the FTC, his statements and voting record reveal clear priority areas where businesses can expect continued vigorous enforcement. Two areas stand out in...more
On April 24 2025, the French supervisory authority (CNIL) issued a draft recommendation to address challenges in collecting user consent for cookies and trackers across multiple devices (the Draft Recommendation). The new...more
For the second installment of this series on the new California Consumer Privacy Act (CCPA) Regs, we are looking at consumer request processes. One major eye opener: Tracker opt-outs must be immediate and you may not be...more
Many financial services businesses are subject to legal or regulatory obligations that require them to verify the identity of their customers. Although innovative technological tools, including those using artificial...more
On April 21, 2025, Arkansas Governor Sarah Huckabee Sanders signed into law the Arkansas Children and Teens’ Online Privacy Protection Act (Act), which will become effective on July 1, 2026. It draws inspiration from the...more
Following a wave of “session replay” wiretapping lawsuits in the United States, France’s Commission Nationale de l’Informatique et des Libertés (CNIL) has launched a consultation on tools for recording and replaying browsing...more
Virginia recently amended its Consumer Protection Act (the Act) to provide enhanced protection for reproductive and sexual health information. These protections take effect on July 1, 2025. The amendment prohibits a...more
As noted in our last two client alerts, the issue as to who should be the watchdog to protect consumer personal data is coming to a head in the chapter 11 bankruptcy cases of 23andMe Holding Co and its affiliated debtors...more
On March 24, 2025, the governor of Virginia signed into law Senate Bill 754, which amends the Virginia Consumer Protection Act (VCPA) to restrict the collection, use, sale, or sharing of personally identifiable reproductive...more
On 21 March 2025, the New Federal Law for the Protection of Personal Data in Possession of Private Parties came into effect, superseding and repealing the prior data protection law....more
1. Know What Laws Apply to your Organization It’s not surprising many leaders are unsure about which new laws or regulations apply to their organization. Privacy and security laws, particularly in the U.S., have changed...more
In March 2023, Elon Musk and Steve Wozniak, along with other technology experts, signed an open letter asking that training powerful AI models be stopped until stronger AI governance laws could be developed. Two months later,...more
In 2024, the CNIL stepped up its enforcement action, issuing 87 sanctions, 180 compliance orders and 64 reprimands. However, only 12 decisions were made public, thus complicating the exercise of making the regulator’s...more
US Customs and Border Protection (CBP) has the authority to search electronic devices — including phones, laptops, tablets, and other electronic devices — of anyone entering the United States, including US citizens and...more
The rapid advancement of generative artificial intelligence (AI) technologies has transformed various sectors, including healthcare, finance, and entertainment. However, this evolution brings significant challenges regarding...more
While readers of this blog are familiar with the proliferation of California Invasion of Privacy Act (“CIPA”) wiretapping claims, our readers may be less familiar with CIPA-related GET Request claims. Below, we explain what...more
Amazon faces allegations of unauthorized data collection in violation of federal and state privacy laws, including a first-of-its-kind claim under Washington’s My Health My Data Act (“MHMDA”). The MHMDA restricts businesses...more
With 13 comprehensive state privacy laws already in effect, the state privacy law landscape is complex. While there are several common threads throughout many of these frameworks that can allow companies to implement a...more
On March 10, 2025, the Office of the Attorney General of California (CAAG) announced an enforcement sweep of the California Consumer Privacy Act (CCPA) focused on the location data industry. Attorney General Rob Bonta stated...more
This week California Attorney General Rob Bonta announced a new investigative sweep under the California Consumer Privacy Act (CCPA). We have anticipated this sweep for some time based on the focus and the direction of a...more
On February 10, 2025, the first class action complaint was filed under Washington state’s My Health My Data Act (“MHMDA”), over a year after the law was passed. See Maxwell v. Amazon.com, Inc. et al., Case No. 2:25-cv-261...more
The current landscape of data privacy and security is becoming exponentially more complex, with businesses facing both a growing list of cybersecurity risks and compliance requirements. Data minimization, an evolving...more
Many state governments are in the thick of their legislative sessions and we continue to see a steady wave of comprehensive data privacy bills introduced. Most notably last week, Alabama representatives introduced HB 283...more
On February 5 2025, the UK Information Commissioner's Office (ICO) released new guidance designed to help employers understand and comply with their obligations under the UK GDPR and the Data Protection Act 2018 in relation...more