Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Caregivers in Cybersecurity — Unauthorized Access Podcast
#WorkforceWednesday: California's Upcoming Cyber Audit and Automated Tech Rules - Employment Law This Week®
Data Dividend: What is Personal Data Worth?
Podcast: Data Privacy and Info Security in Finance: The Lay of the Land [More with McGlinchey, Ep. 52]
2023 New Data Privacy Requirements
Guidepost in Motion EP27: Privacy Matters Part 2: “TMI”-The Privacy Dilemma of Social Media
Webinar Recording – Assessing the Surge in Wiretap Litigation
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Colorado’s New Comprehensive Privacy Law
#WorkforceWednesday: 2020 in Review and What's to Come in 2021
Sitting with the C-Suite: How Do Corporations Manage the Convergence of Data during Remote Work?
On-Demand Webinar | Protecting Information in a Work-From-Home World
The Australian Government has today published a draft Bill outlining the next steps in Australia’s Privacy Act Review process. The changes to be implemented by the Privacy and Other Legislation Amendment Bill 2024 include...more
The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more
Privacy issues are inherent in almost all facets of a business — from operations, employment, and technology to customer service, contracts, legal and compliance — all with varying degrees of risk. Most companies mitigate...more
The Irish Data Protection Commission (DPC) has welcomed X’s agreement to suspend its processing of certain personal data for the purpose of training its AI chatbot tool, Grok. This comes after the DPC issued suspension...more
Keypoint: The California legislature enters into the final week of its session with many bills still under consideration. We are currently tracking thirteen privacy and AI-related bills that previously crossed chambers prior...more
While the definition of sensitive personal information in China has always been different to other jurisdictions, with a focus on risk of harm at its heart, new draft guidance should make it easier for organisations to map...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice. We invite you to share this resource with your colleagues and visit...more
On July 30, 2024, in a 91-3 vote, the U.S. Senate passed the bill for the Kids Online Safety and Privacy Act (the “Bill”). The Bill, which combines the bills for the Kids Online Safety Act (“KOSA”) and the Children and Teens’...more
Navigating the stringent requirements of data subject access requests (DSARs) can feel like summitting a mountain—the path forward isn’t always clear, pitfalls abound, and you’re fighting gravity all the way....more
New guidance from the Federal Trade Commission clarifies that hashes aren’t “anonymous,” can still be used to identify users, and their misuse can lead to harm. Some key points: •For background, hashing involves taking a...more
Let’s say you want more out of your data map: More visibility, clarity, accuracy, control. Or maybe you want less: Less complexity, less cost, less work, less vulnerability. In the case of data mapping, both things could be...more
On July 10, 2024, the U.S. District Court for the Eastern District of Wisconsin granted plaintiffs’ Motion for Final Approval of a $12.2 million proposed settlement by Advocate Aurora Health to settle allegations against the...more
Rhode Island is the latest state to adopt a comprehensive data privacy law, titled the Data Transparency and Privacy Protection Act....more
Pennsylvania recently amended their data breach notification law in a way that turns the status quo on its head. The law, Senate Bill 824, adds an obligation to provide regulatory notice and tweaks the definition of personal...more
Getting buy-in for privacy resources at your organization and managing your company’s risk profile may seem like two separate–and overwhelming–tasks. But in fact, they are intertwined, and one can support the other. The key...more
In a pair of decisions released on July 5, 2024, the B.C. Court of Appeal found that an alleged reckless failure to safeguard personal information may be sufficient to make out Privacy Act claims of "wilful violation" of...more
Danielle Ocampo, a member of the CLA’s Law Section, interviewed Steve Millendorf (Partner, San Diego) to gain a deeper understanding of how California is approaching and implementing the EU AI Act. How do the principles...more
On June 28, Pennsylvania enacted SB 824 (the “Act”), amending a previous bill from 2005 entitled the Breach of Personal Information Notification Act, which addresses the security of computerized data, mandates notification...more
In the first half of 2024, seven new states—Kentucky, Maryland, Minnesota, Nebraska, New Hampshire, New Jersey, and Rhode Island—all enacted their takes on comprehensive privacy laws, bringing the total number of states with...more
The 2020 amendment to the Act on the Protection of Personal Information (“APPI”) stipulates that the APPI must be reviewed every three years — the time for a review has arrived. In the past, since its enactment in 2003, major...more
Following the Sephora and DoorDash enforcement actions, on June 18, 2024, the California Attorney General announced its third California Consumer Privacy Act (CCPA) enforcement action against Tilting Point Media LLC. Tilting...more
Editor’s Note: In this informative webcast, Christopher Wall, DPO and Special Counsel for Global Privacy and Forensics at HaystackID, moderates a compelling discussion titled “From Breach to Insight: Incident Response and PII...more
On May 24, 2024, Governor Walz signed into law the Minnesota Consumer Data Privacy Act (MNCDPA). This landmark law is the first set of comprehensive consumer privacy standards specific to Minnesota residents. The law will...more
On May 9, 2024, Governor Wes Moore signed into law the Maryland Online Data Privacy Act of 2024 (“MODPA”). MODPA will take effect on October 1, 2025, but will not apply to personal data processing activities occurring before...more