Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
2022 DSIR Report Deeper Dive: Personal Data Deletion
Congress Tries to Wrangle Cyber and Crypto Industries
Who are the decision makers at INTERPOL's CCF?
Oregon will begin to regulate the use of minors’ information and sale of users’ location data (regardless of age) with an update to its Oregon Consumer Privacy Act. These revisions will go into effect January 1, 2026. As...more
In recent weeks, the EU and UK have both introduced changes to their respective versions of Europe’s landmark privacy legislation, the General Data Protection Regulation (GDPR). These reforms mark the first substantial...more
Nebraska AG Mike Hilgers sued General Motors LLC and its subsidiary OnStar LLC (collectively, “GM”) over allegations that GM misled vehicle purchasers into enrolling in programs that collected and shared their driving data...more
20 Democratic AGs sued HHS and DHS for allegedly sharing personal health data with ICE. The complaint alleges that the Centers for Medicare & Medicaid Services—a division of HHS—transferred millions of individuals’ Medicaid...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
Welcome to this month’s issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security, & Data Protection practice....more
The US Department of Justice’s (DOJ’s) final rule implementing Executive Order (EO) 14117, Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern went...more
The Department of Justice (“DOJ”) implemented the Data Security Program (“DSP”) intending to prevent access to Americans’ bulk sensitive personal data and government-related data by Countries of Concern. The DSP is aimed at...more
En 2023, une cyberattaque d’envergure a exposé les données génétiques personnelles de millions d’utilisateurs de 23andMe, une société américaine offrant des services d’analyse du code génétique aux particuliers, poussant les...more
In this Privacy, Cyber & AI Decoded alert, we cover Colorado’s Biometric Identifier Requirements, Delaware’s Data Protection Assessment Requirement, Minnesota’s new comprehensive privacy law going into effect, Tennessee’s...more
Vermont has joined the list of states attempting to regulate the use of children’s information collected online, passing an Age-Appropriate Design Code Act. This law mirrors ones we have seen in other US states as well as the...more
On June 19 2025, the Information Commissioner’s Office (ICO) published guidance on the Data (Use and Access) Act 2025 (DUAA), which received Royal Assent on the same day. The DUAA introduces significant changes to the UK data...more
On 19 June 2025 the Data (Use and Access) Act (the "DUA Act") received Royal Assent and became law in the UK, having been passed by the UK Parliament on 11 June 2025. The DUA Act principally reforms the General Data...more
Incogni recently issued its “Gen AI and LLM Data Privacy Ranking 2025” where it “delved deep into the most popular LLMs and developed a set of 11 criteria for assessing data privacy risks associated with advanced machine...more
With the Minnesota Consumer Privacy Act (MCPA), which takes effect July 31, 2025, Minnesota now joins the many other states, like California, that have passed laws granting enhanced data privacy rights to individuals. ...more
The European Data Protection Board recently published its draft Guidelines 02/2025, which remain open to consultation until 09 June 2025. Stakeholders in the blockchain industry are encouraged to submit any observations...more
On 19 June 2025, CNIL published two additional “how-to-sheets” on artificial intelligence, one on legitimate interest and the other on the collection of data via web scraping. These documents aim to clarify the rules...more
On June 18, 2025, the U.S. Food and Drug Administration (“FDA”) announced an immediate review of new clinical trials that export American citizens’ biological materials to countries of concern, such as China, for genetic...more
The Italian Data Protection Authority has issued a new decision that further restricts employers’ ability to use information from third-party reports, private conversations, or social media posts as evidence in disciplinary...more
In the recent high-profile civil class action, Frasco v. Flo Health, a California federal court issued a significant ruling partially certifying a nationwide class and California subclass of individuals who used the Flo...more
On 19 June 2025, CNIL published two additional “how-to-sheets” on artificial intelligence, one on the legitimate interest and the other on the collection of data via web scraping. These documents aim to clarify the rules...more
In Part One of this FAQ series, we break down Virginia's Senate Bill 754, Consumer Protection Act; prohibited practices, etc., reproductive or sexual health information (Act), which amends the Virginia Consumer Protection Act...more
New Jersey recently released draft privacy regulations, and there is a lot to unpack and process. In this three-part series, I will break down the regulations - Part 1: The New Personal data: • Scraping is carved...more
Editor’s Note: Europe’s regulatory landscape has undergone a fundamental transformation, extending far beyond GDPR’s foundational framework to encompass a complex ecosystem of interconnected laws governing digital platforms,...more
- On 26 March 2025, the European Health Data Space (EHDS) Regulation entered into force. The regulation establishes a comprehensive framework for health-data sharing and access in the EU, with the dual aim of supporting the...more