Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
2022 DSIR Report Deeper Dive: Personal Data Deletion
Congress Tries to Wrangle Cyber and Crypto Industries
Who are the decision makers at INTERPOL's CCF?
On June 20, 2025, the New York Child Data Protection Act (CDPA) took effect, ushering in some of the most comprehensive child and teen privacy protections in the United States. The law applies to operators of websites, apps,...more
On June 12, 2025, Vermont Governor Phil Scott signed the Vermont Age-Appropriate Design Code Act (AADC), which will impose a range of obligations on businesses that offer online products, services, or features likely to be...more
On July 8, 2025, the Department of Justice (“DOJ”) is set to lift its self-imposed pause on enforcing certain violations of its Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of...more
On June 20, 2025, Texas Governor Greg Abbott signed SB 2610 into law, joining a growing number of states that aim to incentivize sound cybersecurity practices through legislative safe harbors. Modeled on laws in states like...more
On June 19 2025, the Data (Use and Access) Act (DUA Act) received Royal Assent, having passed both Houses of Parliament on June 11 2025. The Data (Use and Access) Bill was first introduced in the House of Lords on October 23...more
The UK’s Data (Use and Access) Bill (DUA Bill) completed its passage through Parliament on 11 June 2025 and is now awaiting Royal Assent. Once enacted, it will introduce a series of targeted updates to the UK’s data...more
On June 16, 2025, the Council of the EU (Council) and the European Parliament (EP) reached an agreement on a new regulation (the Draft Regulation) to enhance enforcement of the General Data Protection Regulation (GDPR). The...more
Vermont recently adopted the Vermont Age-Appropriate Design Code Act, which goes into effect on January 1, 2027. The law is enforceable by the Vermont Attorney General as an unfair or deceptive act or practice. The Attorney...more
On June 6, 2025, the Supreme Court of the United States released two decisions on its emergency docket with serious implications for federal agencies, companies that do business with the government, and the data of millions...more
Starting July 9, 2025, the U.S. Department of Justice will begin enforcing its new “Bulk Sensitive Data Rule,” a sweeping regulation aimed at restricting the transfer and storage of sensitive U.S. personal and...more
Montana recently amended its privacy law through Senate Bill 297, effective October 1, 2025, strengthening consumer protections and requiring businesses to revisit their privacy policies that apply to citizens of Montana....more
With the use of artificial intelligence (“AI”) becoming more pervasive every day, it should not surprise our readers that regulators are increasingly focused on the use of AI and its associated consumer data privacy...more
The Department of Justice (DOJ) implemented a new regulatory regime (Data Security Program) addressing access to, and transfer of, sensitive personal data to countries and persons of concern, including Russia, China and...more
In anticipation of the June 20, 2025, effective date of the New York Child Data Protection Act (NYCDPA), the Office of the New York State Attorney General (OAG) recently released implementation guidance that provides critical...more
On June 2, the New Jersey Division of Consumer Affairs (Division) published proposed regulations to implement the New Jersey Data Privacy Act (NJDPA). Of note, these rules were proposed months after the NJDPA went into effect...more
A bipartisan coalition of 28 AGs have filed a lawsuit against 23andMe Holding Co. and 23andMe, Inc. (collectively “23andMe”) to protect human genetic data collected by the company from being sold without consumers’ consent as...more
According to an AT&T spokesperson, this is not accurate. Social Security Numbers and Dates of Birth were already available in plain text in the original compromised dataset from 2024 (in separate files that could be...more
On May 9, 2025, New York Governor Kathy Hochul signed Assembly Bill A3008 into law. The omnibus legislation mandates transparency in personalized algorithmic pricing while prohibiting related discrimination. The new law also...more
States have been active in passing and enacting comprehensive consumer privacy laws in the absence of a federal statute. To date, 19 states have passed such laws, starting with the California Consumer Privacy Act (“CCPA”),...more
Following the Federal Trade Commission’s decision in December 2023 to ban Rite Aid from using AI facial recognition, it has become crystal clear that U.S. regulators expect a risk assessment when a retailer uses facial...more
On June 10, 2025, the US Securities and Exchange Commission (SEC) announced that it will immediately resume processing new and pending registration applications of investment advisers with their principal office and place of...more
On 14 May 2025, the Brussels Court of Appeal (Market Court) delivered the long-awaited judgement in the case concerning the Transparency & Consent Framework (“TCF”) (case no. 2022/AR/292). The Court largely upheld the...more
A national leader in privacy law, California was among the first states to include an express right to privacy in its constitution, create a data breach notification law, and codify robust consumer data protections. ...more
States everywhere are considering whether and how to best regulate business use of artificial intelligence (“AI”). While the California Privacy Protection Agency (“CPPA”) recently struck all references to AI from its proposed...more
Pursuant to a newly effective U.S. Department of Justice (DOJ) regulation, the transfer and storage of certain sensitive U.S. government and personal data may be prohibited or restricted, depending on the intended recipient,...more