State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
"Monsters Inc." y el tratamiento de los datos
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
An English Court has recently decided that three insurance policies covering the same loss – data breach settlements arising from an incorrectly addressed email – provided a combined, cumulative limit of indemnity. While the...more
On 12 March 2025, the California Privacy Protection Agency (CPPA) settled with an automaker that allegedly violated various aspects of the California Consumer Privacy Act (CCPA). This first-of-its-kind settlement for the...more
In a landmark privacy enforcement action, the California Privacy Protection Agency (CPPA) has reached a settlement with American Honda Motor Co. (“Honda”) following allegations that the automaker violated the CCPA. The...more
On March 12, 2025, the Board of the California Privacy Protection Agency (“CPPA”) issued a decision requiring American Honda Motor Co. (“American Honda”) to change its business practices and pay a $632,500 fine for making it...more
On March 7, 2025, the California Privacy Protection Agency (CPPA) issued a settlement order imposing a $632,500 fine on American Honda Motor Co., Inc. for violations of the California Consumer Privacy Act (CCPA). The CPPA...more
In November 2024, the German Federal Court of Justice made its first decision within the new leading decision procedure, which is intended to simplify mass proceedings. Another new procedural tool is the redress action. In...more
Marriott has agreed to pay $52 million dollars and implement new consumer data protections to settle investigations by attorneys general from 49 states and the Federal Trade Commission, following data breaches that occurred...more
The Financial Markets Standards Board has published the final version of its standard for sharing standard settlement instructions. The standard establishes core principles which set out expected practices for the sharing of...more
The Global Foreign Exchange Committee (GFXC) has published the updated version of the FX Global Code of Conduct (dated December 2024), which supersedes the previous version (from July 2021). Updates have been made to...more
In 2024, the government and whistleblowers were party to 558 settlements and judgments collecting over $2.9 billion. The government continued its effort to combat cybersecurity threats through its Civil Cyber-Fraud...more
MGM Resorts agreed to pay $45 million to settle over a dozen class action lawsuits concerning 2019 and 2023 data breaches. A federal court in Nevada preliminarily approved the settlement, which, according to lawyers, covers...more
In 2024, the Department of Justice (DOJ) pursued significant enforcement activity under its Civil Cyber-Fraud Initiative (CCFI). As our readers know, the Deputy Attorney General announced the creation of the CCFI in October...more
2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more
New York Attorney General (AG) Letitia James and global movie theater operator National Amusements, Inc. (National) settled a lawsuit stemming from a 2022 data breach reported by National, which affected 82,128 National...more
On November 14, 2024, the California Privacy Protection Agency (“CPPA”), which is tasked with enforcing the California Consumer Privacy Act (the “CCPA”), announced it settled with two data brokers, Growbots, Inc. and UpLead...more
Oak Valley Hospital, located in Oakdale, California, reached a settlement in a class action related to a 2023 data breach. On July 18, 2023, Oak Valley detected suspicious activity on its IT systems. Pursuant to the forensic...more
You are reading the October 2024 Update of the Bass, Berry & Sims Enforcement Roundup, where we bring notable enforcement actions, policy changes, interesting news articles, and a bit of our insight to your inbox. -...more
Disputes, AI and modern law - Q1 How should parties seek and agree a seat for ADR, and what advantages does your jurisdiction offer?...more
Penn State recently agreed to pay $1.25 million to settle allegations of False Claims Act violations related to its cybersecurity controls after a whistleblower alleged that the university failed to adhere to cybersecurity...more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
Enforcement of data privacy laws across the US is in full force. Most recently, Marriott agreed to a $52 million settlement payment to 50 states, including $3.5 million to the State of Texas, following a data breach of 131...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
Last week, the Federal Communications Commission (FCC) announced a data protection and cybersecurity settlement with T-Mobile, resolving the FCC’s investigations related to the data breaches suffered by T-Mobile that affected...more
The recent $30 million settlement between 23andMe and 6.4 million users following a major data breach offers important lessons for businesses dealing with sensitive genetic and genomic information....more
Verkada, a manufacturer and retailer of security cameras, has settled FTC accusations of lax security measures. The company sells its products to businesses, including schools and medical facilities. It markets its products...more