When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity – Part 1 — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Uncovering Hidden Risks: Ep 13 - Unveil Data Security Paradoxes
Last year was a pivotal one for data privacy, as privacy received substantial attention from many regulators, including the Federal Trade Commission (“FTC”). Looking back at the FTC’s 2023 enforcement actions, statements and...more
On February 1, the Federal Trade Commission (FTC or “the Commission”) announced that it had reached a settlement with Blackbaud, a software company, resolving claims related to a 2020 data breach that resulted in the...more
As we reflect on the flurry of activity in the health care data privacy and security space in 2023 and look ahead to what will continue to be a busy 2024, we are seeing the early stages of federal agency movement to align the...more
Commercial bribery enforcement also became more active, as the authorities marked the 30th anniversary of the PRC Anti-Unfair Competition Law. The revision of the PRC Anti-Espionage Law raised some concerns about national...more
The year 2023 was a busy one for regulatory, compliance, and enforcement developments in the healthcare and life sciences industries, and 2024 promises to be even busier. We tapped MoFo’s Life Sciences + Healthcare Compliance...more
2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more
On December 21, 2023, the Federal Communications Commission released an order updating its data breach rules. These updated rules require telecommunications providers to report breaches of customer proprietary network...more
After a three-year investigation/enforcement action by the New York Department of Financial Services (“NYDFS”), NYDFS entered into a Consent Order with a large title insurer (the “Company”) for its violation of NYDFS’s...more
State regulators across the country continue to increase their focus on cyber security and data privacy compliance and enforcement. For years, cloud company Blackbaud, a service provider to thousands of nonprofit enterprises,...more
On November 16, the Federal Trade Commission (FTC) announced an enforcement action against Global Tel*Link Corporation and two of its subsidiaries (collectively, “GTL”), which provide communications and payment services to...more
Our Securities Litigation, Securities, and Privacy, Cyber & Data Strategy teams outline vital takeaways for public companies and their directors and officers in light of the Securities and Exchange Commission’s recent civil...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
Cyber Resilience Programs Falling Short on Preparing Workers for a Crisis- “At two-thirds of organizations, there is a fear that almost all employees, 95%, will not understand how to recover following a cyberattack.” ...more
CYBERSECURITY - World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak - Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
The FTC recently issued a proposed order that would settle an enforcement action against Drizly, LLC and its co-founder and CEO, James Rellas, arising from data breaches in 2018 and 2020 that affected over 2.5 million...more
This year has seen some substantial new data breach settlements including a $500,000 Federal Trade Commission (FTC) fine against CafePress, a $1.25 million multi-state class action settlement and $5 million New York...more
US Federal Appellate Court Issues Opinion on Proof of Injury in Data Breach Cases - On September 2, 2022, the U.S. Court of Appeals for the Third Circuit reinstated a class action lawsuit that had previously been dismissed...more
A reminder to financial services firms: the Consumer Financial Protection Bureau (CFPB) is also a data security regulator....more
Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more
France’s data protection authority, the Commission Nationale de Informatique et des Libertés (“CNIL”), has issued one of its highest General Data Protection Regulation (“GDPR”) sanctions to-date against Dedalus Biologie SAS...more
China’s internet watchdog, the Cyberspace Administration of China (CAC), has continued to tighten its regulation of internet industries and driven the formulation of many new laws and regulations in cybersecurity and data...more
Utah has become the fourth state in the nation to pass broad consumer data privacy legislation, following California, Virginia, and Colorado. The Utah Consumer Privacy Act will become effective December 31, 2023, and apply to...more
Last week the Federal Trade Commission announced a privacy and data security enforcement action against the online retail platform CafePress. The allegations in the FTC’s complaint read like a list of worst practices,...more
Following U.S. Securities and Exchange Commission (SEC) Chairman Gary Gensler's recent speech directing the agency to expand cybersecurity requirements on regulated entities, the SEC on Feb. 9, 2022, voted to propose new...more
We continue our year-end review of SEC enforcement activity and turn our attention to a topic grabbing seemingly daily headlines across multiple industries: cybersecurity. As the risks – and realities – of cyberattacks...more