The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
2022 DSIR Report Deeper Dive: Personal Data Deletion
Congress Tries to Wrangle Cyber and Crypto Industries
Who are the decision makers at INTERPOL's CCF?
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer...more
On January 13, 2025, Texas Attorney General’s Office filed its first lawsuit enforcing the Texas Data Privacy and Security Act (“TDPSA”). The law went into effect on July 1, 2024. The complaint also states claims under Texas’...more
Many governments are grappling with the question of how to regulate artificial intelligence to ensure it is adopted safely and used responsibly without hampering innovation. Governments have generally indicated similar...more
Anyone who thought blockchain would keep their cryptocurrency transactions private from the IRS needs to think again. According to the First Circuit’s recent holding, cryptocurrency users do not have a Fourth Amendment...more
Website owners often struggle to design privacy policies that are not only comprehensive, but also comprehensible. The tension between these competing concerns was in sharp focus in a recent Ninth Circuit decision, Calhoun v....more
On June 7, 2024, the New York Legislature passed two bills to protect children online. The Stop Addictive Feeds Exploitation (SAFE) for Kids Act, S7694A, prohibits social media platforms from providing defined "addictive...more
The Federal Trade Commission (FTC) has assumed the authority to enforce unauthorized data disclosures under the Federal Trade Commission Act (FTC Act). During the past three weeks, the FTC has used this authority to go after...more
On February 1, 2024, the Federal Trade Commission (FTC) announced that it had reached a proposed settlement with that would require Blackbaud Inc. (“Blackbaud”) to delete personal data it does not need to retain and upgrade...more
On 22 December 2023, the EU published Regulation (EU) 2023/2854, the Data Act, in the Official Journal of the EU. The Data Act is a new regulation providing harmonised rules on access to data, switching cloud providers and...more
On September 11th, Gov. John Carney (D) signed the Delaware Personal Data Privacy Act into law. The Act will take effect January 1, 2025. With the DPDPA on the books, the number of states with comprehensive privacy laws...more
Oregon recently joined Vermont and California as the third state requiring data broker registration before collecting, selling, or licensing “brokered personal data.” Several types of entities are exempt from the law. These...more
The SEC continued its recent onslaught of proposed cybersecurity rules in mid-March with three new proposals covering a litany of entities, including investment advisers, broker-dealers, investment companies, clearing...more
The case of Popa v. Harriet Carter Gifts, Inc. “began with a quest for pet stairs.” Plaintiff Ashley Popa searched Harriet Carter Gifts’ website, added pet stairs to her cart, but never completed the purchase. During her...more
Israel’s Privacy Protection Authority (PPA) recently published its position on the duty to inform when collecting and using personal data. This is an important position, as it clarifies how to design the interface with the...more
Keypoint: Organizations subject to these laws will need to determine whether they are engaging in “sales,” which can be a complex and multifaceted analysis given the statutes’ varying definitions and exemptions....more
What does the U.K. Information Commissioner’s Office have to say about what it takes for adtech initiatives to be compliant with data protection? “There is an opportunity for market participants to move towards developing...more
The development of alternative techniques to “third-party” cookies cannot be done at the expense of the right of individuals to protect their personal data and privacy, according to France’s Commission Nationale de...more
In 2018, the California Consumer Privacy Act (“CCPA”), which provides for an expansive array of privacy rights and obligations, was enacted. At the time, it was reasonable to wonder whether California’s bold example would...more
Even in the absence of a cross-border transfer of personal data from the European Union to a third country, if you are using a vendor that has a U.S. parent company, get ready to implement supplementary measures, says the...more
Website operators are not permitted to use cookies and similar tracking technologies for analysis and marketing purposes without the informed consent of users, if this involves sharing personal data with third parties and...more
Spanish data protection authority Agencia Española de Protección de Datos (AEPD) has published helpful guidelines on the data protection aspects of using mobile apps intended to control access to places of business while the...more
A little more than six months ago, we addressed the challenges businesses faced in complying with CCPA when it came to their use of third-party adtech such as pixels, beacons and trackers. In line with the evolving nature of...more
On March 6, 2020, the State Administration of Market Regulation of the People’s Republic of China (PRC) and the Standardization Administration of the PRC published an updated version of the “Information security...more
In line with the recent wave of regulations governing the use of personal data, the Personal Information Protection Act of Japan restricts the provision of personal data to third parties, with a particular focus on the...more
On January 6, 2020, Andrew Smith, Director of the Federal Trade Commission (FTC) Bureau of Consumer Protection, announced three significant improvements to the FTC’s approach to data security enforcement cases....more