The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
2022 DSIR Report Deeper Dive: Personal Data Deletion
Congress Tries to Wrangle Cyber and Crypto Industries
Who are the decision makers at INTERPOL's CCF?
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
California Cryobank, LLC, the largest sperm bank in the country, faces a lawsuit in the U.S. District Court for the Central District of California over an April 2024 data breach. Cryobank provides frozen donor sperm and...more
Know What Laws Apply - Privacy and security laws, particularly in the U.S., have changed dramatically in the last few years. It’s not surprising many leaders are unsure which new laws or updated regulations apply to their...more
Takeaway: Former FBI Director Robert Mueller once famously said, “There are only two types of companies: those that have been hacked and those that will be.” These days cyberattacks seem to happen all the time. And when a...more
In April 2024, the IRS sent notices informing more than 70,000 taxpayers that their tax and personal data had been stolen in 2019 by a former IRS contractor, Charles Littlejohn. Littlejohn not only stole the data of hundreds...more
On January 3, 2025, the Cyberspace Administration of China (the “CAC”) released the Draft Measures for Personal Information Protection Certification for Cross-Border Data Transfers (the “Draft Measures”) for public comment....more
Last week, a class action was filed against NewsBank, Inc., a Florida-based news database company, related to a 2024 breach of employee personal information. NewsBank provides a database of archived news publications...more
We have repeatedly warned our readers about malicious QR codes and their use by threat actors. Threat actors are now using these codes to disguise packages as gifts....more
Tomorrow is International Data Privacy Day, so a happy day to all! More seriously, data privacy concerns and legislation continue to rapidly increase. It has been estimated that by the end of 2024 more than 75 percent of...more
Insider threats continue to present a significant challenge for organizations of all sizes. One particularly concerning scenario involves employees who leave an organization and impermissibly take or download sensitive...more
New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more
The Personal Data Protection Commission (PDPC) of Singapore recently issued a mandate requiring all businesses operating in the country to appoint a Data Protection Officer (DPO) by September 30, 2024, and submit their...more
With the new year just around the corner and eight new privacy laws coming online next year, December is an excellent time for companies to assess their data collection and processing practices, and take stock of any changes...more
Starting January 2025, five state privacy laws will take effect, providing consumer privacy rights to a new swath of individuals across the country. Delaware, Iowa, Nebraska, and New Hampshire’s laws will go into effect on...more
Businesses in the US will be subject to a lot more scrutiny from consumers and regulators in 2025. With eight new data privacy laws going into effect over the course of the year, attorneys general will be eager to show...more
The Centers for Medicare & Medicaid Services (CMS) and the Wisconsin Physicians Insurance Corporation have announced that 946,801 current Medicare recipients are being notified that their personal information may have been...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
This week, two class actions were filed in the U.S. District Court for the Eastern District of Pennsylvania against David’s Bridal based on two data breaches. The actions allege that David’s Bridal failed to protect the...more
Navigating the stringent requirements of data subject access requests (DSARs) can feel like summitting a mountain—the path forward isn’t always clear, pitfalls abound, and you’re fighting gravity all the way....more
On April 12, Nebraska Governor Jim Pillen signed Legislative Bill 1074 into law, making Nebraska the 16th U.S. state to enact a comprehensive privacy law. The Nebraska Data Privacy Act (NEDPA) will take effect on January 1,...more
It’s official. Kentucky will join Indiana, New Hampshire, and a slew of other states with the enactment of a comprehensive data privacy act. The Kentucky Consumer Data Protection Act (KCDPA)–at least this iteration of...more
Kentucky joins the growing trend of U.S. state data protection laws with well over a dozen now in place across the country. Last year proved to be a huge year in U.S. state data protection law, ending with 13 U.S. states...more
Even though it may not seem like it, the purpose of laws like the EU GDPR (General Data Protection Regulation) isn’t just for the EU to gain additional revenue through fines and penalties. They exist to protect individuals’...more
On March 6, New Hampshire Governor Chris Sununu signed Senate Bill 255 (SB 255) into law. New Hampshire joins California, Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, New Jersey, Oregon, Tennessee, Texas, Utah...more
On March 11, the Kentucky Senate passed the Kentucky Consumer Data Protection Act (KCDPA or the “Act”) (House Bill 15) by a unanimous 35-0 vote. Upon House concurrence and the governor’s signature, the Act would become the...more