Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Why Privacy Matters to Your Business and What's in Store for 2025
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
2024 Privacy Trends and Their Impact on Auto Finance – Moving the Metal: The Auto Finance Podcast
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
Podcast - Decoding the Future of AI Regulation and Frontier Models
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
A month has passed since the Department of Justice (DOJ) National Security Division’s (NSD) issued its Final Rule prohibiting certain transactions involving US government data and Americans’ bulk sensitive personal data....more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
As we enter a new year, the patchwork of US privacy laws continues to expand and become more complex. With the change in control of the White House and Congress, the prospects for a federal privacy law have grown even less...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
On December 24, 2024, New York Governor Kathy Hochul signed into law amendments to New York’s private-sector data breach notification law (General Business Law § 899-aa) and government agency data breach notification law (New...more
We are back for our sixth year of tracking proposed state privacy legislation and fifth year of providing weekly updates. As in past years, we will track proposed state privacy legislation through these weekly updates and our...more
2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more
U.S. privacy law continued to expand in 2024, both geographically and substantively. We now have 19 states with comprehensive consumer privacy laws (some of which are already in effect, while others become effective in...more
Starting January 2025, five state privacy laws will take effect, providing consumer privacy rights to a new swath of individuals across the country. Delaware, Iowa, Nebraska, and New Hampshire’s laws will go into effect on...more
As state-level privacy laws continue to expand in the absence of federal legislation, businesses must prepare to meet a growing patchwork of requirements or risk penalties and reputational harm. In 2025, eight additional...more
On August 6th, the Dutch Data Protection Authority (DPA) issued guidance cautioning companies about the potential data protection risks associated with the use of Artificial Intelligence (AI)-powered chatbots....more
In Part I, we discussed the European Commission’s (“Commission”) disapproval of Meta’s “pay or consent” subscription model. In Part II, we delve into the European Commission’s findings, prior findings by the European Data...more
On July 16, 2024, the National Data Protection Authority (ANPD) published Resolution No. 18/2024 (Resolution 18) outlining rules on the appointment, definition, duties and activities of a Data Protection Officer (DPO) in...more
As Artificial Intelligence (AI) continues to evolve and integrates into business processes, the Office of the Privacy Commissioner for Personal Data (PCPD) released its Artificial Intelligence: Model Personal Data Protection...more
The U.S. cybersecurity and data privacy law framework continues to evolve and expand rapidly. Here, we share a summary of the eight new state data privacy and security laws that will take effect in 2024 and 2025. Businesses...more
Companies that collect or process personal data in Brazil — or from consumers in the country — should be familiar with the Brazilian General Data Protection Law, which has been the country’s main legislation on the matter...more
On September 28, 2023, the Cyberspace Administration of China (CAC) released draft Provisions on Regulating and Promoting Cross-Border Data Flows (see the Chinese version and the unofficial English translation) for public...more
On August 29, 2023, the California Privacy Protection Agency (CPPA) posted discussion drafts of its forthcoming regulations on cybersecurity audits and risk assessments as part of the materials for its September 8, 2023,...more
Connecticut is the third state to adopt consumer health data privacy protections, following Washington’s My Health My Data Act (“MHMD”) and Nevada’s new consumer health data privacy law. It is the first state, however, to...more
On 11 July 2023, the Circuit Court of Ireland awarded 2,000 euros in compensation to a plaintiff seeking ‘non-material damage’ under Article 82 of the General Data Protection Regulation, in what is believed to be the first...more
On July 10, 2023, the European Commission formally approved the EU-U.S. Data Privacy Framework (“DPF"). You can view our brief video discussion about the DPF or read our initial update. Companies that maintained their...more
The pace of privacy developments in 2023 has been breathtaking. Since our recent alert regarding Iowa’s comprehensive data privacy law and Colorado’s finalized rules, there have been a number of key developments in data...more
Texas became the latest state to pass comprehensive consumer data privacy and security legislation when Governor Abbot signed the Texas Data Privacy and Security Act into law on June 18. It will require businesses to take...more
A challenging economic situation is prompting contentious staffing decisions. The rise of hybrid work has led employers to generate more information in more places about employees. Against this backdrop, more employees are...more
It shouldn’t come as a surprise that the European Data Protection Board (EDPB), through Ireland’s Data Protection Commission (DPC), issued another fine against a large US technology company. What may come as a surprise is the...more