The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
2022 DSIR Report Deeper Dive: Personal Data Deletion
Congress Tries to Wrangle Cyber and Crypto Industries
Who are the decision makers at INTERPOL's CCF?
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
What's Changed? The U.S. Department of Justice (DOJ) published a Data Security Program (DSP), pursuant to a final rule (Final Rule), which became effective on April 8, 2025....more
On April 11, 2025, the Department of Justice's National Security Division (NSD) issued additional guidance to assist U.S. organizations in understanding and complying with the Data Security Program (DSP). As discussed in our...more
The Cyberspace Administration of China (CAC) released an important Q&A on cross-border data transfer requirements and policies in early April, providing clarification on a number of issues of concern to companies in China....more
Many “good government” initiatives continue to be enacted or implemented on Capitol Hill or in the Executive Branch — notwithstanding changes in political control. While working on Capitol Hill, the bulk of the legislative...more
The Data Security Program (DSP) recently implemented by the U.S. Department of Justice (DOJ) will have far-reaching implications for many businesses that transfer the personal data of U.S. citizens outside the United States....more
The cross-border transfer of personal information (hereinafter referred to as “PI,” and such transfers as “PI export”) is a routine and often essential part of business operations for companies in China—particularly...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
A new US Department of Justice (DOJ) rule on “Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of Concern (including China) or Covered Persons” (rule) prohibits and restricts certain...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
On March 20, 2025, the new Federal Law for the Protection of Personal Data held by Private Parties (LFPDPPP of 2025) was published in the Official Gazette of the Federation. The LFPDPPP of 2025 entered into force on March 21,...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
Malaysia introduced a mandatory data protection officer appointment in February 2025. We discuss the implications of this new regulatory requirement for businesses operating in Malaysia....more
The PRC Personal Information Protection Law (PIPL) mandates regular data compliance audits. Following a consultation period beginning in August 3, 2023, the Cyberspace Administration of China (CAC) issued the Measures for...more
Following Malaysia’s introduction of data breach notification and data protection officer (“DPO”) appointment requirements in last year’s significant amendments to the Personal Data Protection Act (“PDPA”) (click here for our...more
The Department of Justice (DOJ) released a Final Rule restricting certain transfers of Americans’ sensitive personal data to identified countries of concern or covered individuals. The Final Rule continues to assert the DOJ...more
The Personal Information Protection Act (PIPA) is a critical framework for protecting individuals’ personal information in Bermuda. Under PIPA organisations are required to adhere to several key principles, including ensuring...more
Since the full implementation of Thailand’s Personal Data Protection Act (PDPA) in June 2022, the Personal Data Protection Committee (PDPC) has been instrumental in shaping the nation’s data protection framework. ...more
On January 8, 2025, the Department of Justice (“DOJ”) published its final rule addressing Executive Order (E.O.) 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
As we enter a new year, the patchwork of US privacy laws continues to expand and become more complex. With the change in control of the White House and Congress, the prospects for a federal privacy law have grown even less...more
Tomorrow is International Data Privacy Day, so a happy day to all! More seriously, data privacy concerns and legislation continue to rapidly increase. It has been estimated that by the end of 2024 more than 75 percent of...more
On January 8, the Department of Justice (DOJ) published its final Rule implementing Executive Order 14117 (EO), “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by...more
On January 8, 2025, the Department of Justice (DOJ) published in the Federal Register a Final Rule, "Preventing Access to U.S. Sensitive Personal Data and Government Related Data by Countries of Concern or Covered Persons,"...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
The U.S. Department of Justice (DOJ) has finalized its rule on “Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons,” which restricts data brokerage...more
A much-anticipated Opinion from the European Data Protection Board (EDPB) on AI models and data protection has not resulted in the clear or definitive guidance that businesses operating in the EU had hoped for. The Opinion...more