When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Latham & Watkins and Privacy Laws & Business recently co-hosted a webinar looking back on the first eight months since the UK-US Data Bridge entered into force. Speakers from the UK Information Commissioner’s Office (ICO) and...more
The U.S. Department of Transportation is seeking input from industry stakeholders on the role of artificial intelligence in the supply chain. The DOT’s Advanced Research Projects Agency – Infrastructure is one of many...more
On June 20, 2024, the Department of Commerce's Bureau of Industry and Security (BIS) issued a Final Determination (“Determination”) prohibiting Kaspersky Lab, Inc.—the US subsidiary of the Russia-based antivirus software and...more
The evolving use of artificial intelligence (AI) across different industries has thrust states into a difficult and rapidly developing regulatory arena. State Attorneys General have and will continue to play an essential role...more
The U.S. Departments of Justice and Commerce, as well as the European Commission recently launched the EU-US Data Privacy Framework (“DPF”), marking a significant shift from the previous frameworks such as Safe Harbor and...more
On February 28, 2024, the Biden Administration issued a new “Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” (the “EO”). The...more
On January 29, 2024, the U.S. Department of Commerce (Commerce) issued a notice of proposed rulemaking (NPRM) seeking comment on draft rules establishing customer information collection and reporting obligations for certain...more
The executive order on artificial intelligence issued by the White House yesterday is the federal government’s most ambitious attempt to date to corral this burgeoning technology – and contains numerous items of interest for...more
Following on the heels of the launch of the EU-U.S. Data Privacy Framework (DPF) this summer, the U.S. Department of Commerce has extended the DPF to cover transfers of personal data from the United Kingdom (UK) (and...more
If you have been doing business with entities in the European Union, chances are that you have struggled to figure out how to transfer data from the EU to the US without running afoul of the General Data Protection Regulation...more
The United States ("U.S.") and the European Union ("EU") have settled on a framework for transfers of personal data for the first time since the European Court of Justice ("CJEU") effectively invalidate the EU-U.S. Privacy...more
On July 10, the European Union and the United States finalized the EU-U.S. Data Privacy Framework (DPF), an agreement that allows for the transfer of personal data from residents of the EU to certified companies in the U.S....more
The U.S. Department of Commerce’s Data Privacy Framework (DPF) program website went live on July 17, and contains guidance documents for those companies wanting to know the costs and benefits of enrollment in the DPF...more
The EU Commission adopted today an adequacy decision for the EU-US Data Privacy Framework. As we indicated last month, this has been an area closely watched by those transferring data from the EU to the US. The issue has been...more
On June 16, the U.S. Department of Commerce published a final rule, effective July 17, 2023, on Securing the Information and Communications Technology and Services ("ICTS") Supply Chain, signaling potential new actions on...more
On Thursday, April 13, Senate Majority Leader Chuck Schumer (D-NY) announced his work with stakeholders on a new legislative framework to regulate artificial intelligence (AI), combined with bolstered oversight efforts. The...more
The National Institute of Standards and Technology (NIST) has released the second draft of its Artificial Intelligence (AI) Risk Management Framework (RMF) for comment. Comments are due by September 29, 2022. NIST, part of...more
As we have written in the past, APEC’s Cross-Border Privacy Rules (CBPR) program is intended to help companies more easily transfer personal data across borders. Participating companies complete self-assessments and...more
FTC Chair Lina Khan Questions Current Data Collection Practices by Private Industry at IAPP Global Privacy Summit, Suggests New Rulemaking May Be Necessary - In her first major privacy address since taking the helm of the...more
BioPlus Specialty Pharmacy Faces Lawsuit Over Healthcare Data Breach - "Florida-based BioPlus Specialty Pharmacy allegedly failed to safeguard PII and notify patients of a healthcare data breach that impacted 350K, the...more
On October 21, 2021, the Department of Commerce’s Bureau of Industry and Security (BIS) published a long-awaited interim final rule that establishes controls on certain cybersecurity items designed to curtail exports of...more
In February 2021, the National Institute of Standards and Technology ("NIST"), which is a subdivision of the Department of Commerce in the United States Government, announced its nine priorities for the coming year....more
The recent hack against FireEye and the U.S. Treasury and Commerce Department affected SolarWinds software for other clients as well (not limited to the U.S. government). SolarWinds has confirmed a cyberattack to its systems...more
The U.S. Department of Commerce (DOC), Department of Justice (DOJ), and the Office of the Director of National Intelligence (ODNI) jointly issued a White Paper containing information about privacy protections under U.S. law...more
Sunday, September 20, 2020, was intended to be the day on which prohibitions would go into effect on ByteDance Ltd. (ByteDance) and Tencent Holdings Ltd. (Tencent) and their subsidiaries—makers of the TikTok and WeChat apps,...more