2025 Privacy Law Preview: Be Prepared
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Caregivers in Cybersecurity — Unauthorized Access Podcast
#WorkforceWednesday: California's Upcoming Cyber Audit and Automated Tech Rules - Employment Law This Week®
Data Dividend: What is Personal Data Worth?
Podcast: Data Privacy and Info Security in Finance: The Lay of the Land [More with McGlinchey, Ep. 52]
2023 New Data Privacy Requirements
Guidepost in Motion EP27: Privacy Matters Part 2: “TMI”-The Privacy Dilemma of Social Media
Webinar Recording – Assessing the Surge in Wiretap Litigation
2022 DSIR Deeper Dive: Class Action Jurisprudence
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Colorado’s New Comprehensive Privacy Law
#WorkforceWednesday: 2020 in Review and What's to Come in 2021
Sitting with the C-Suite: How Do Corporations Manage the Convergence of Data during Remote Work?
On-Demand Webinar | Protecting Information in a Work-From-Home World
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Businesses should expect to see “increased enforcement” from the California Privacy Protection Agency now that the agency has had four years to staff up and implement rules, the CPPA’s executive director said in an interview...more
A new wave of state consumer privacy laws focused on limiting data collection is creating anxiety among businesses—and Maryland is leading the charge. The Maryland Online Data Privacy Act (MODPA), set to take effect in...more
On May 8, the California Privacy Protection Agency (CPPA) ordered a Florida-based data broker to pay a $46,000 fine for failing to register and pay an annual fee as required by the Delete Act. The CPPA noted that the...more
On January 14, 2025, Sen. Brent Howard and Rep. John Pfeiffer introduced Senate Bill 626, which amends and updates Oklahoma’s Security Breach Notification Act, 24 Okla. Stat. § 161 et seq. That Act currently requires that...more
In a significant enforcement move, California’s consumer privacy regulator just ordered a national clothing retailer to pay a $345,178 fine to resolve alleged violations of the state’s privacy law. The California Privacy...more
Below, we catalog certain current state laws regulating the development and use of AI systems and technologies passed between 2019 and 2025. This list focuses on legislative initiatives that have passed and are in effect or...more
As summer approaches, three new state comprehensive privacy laws are poised to take effect, raising the number of states with effective comprehensive privacy legislation in the US to sixteen (with more to come in 2026). The...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
On April 21, 2025, the Oregon Department of Justice’s Privacy Unit reported a “big spike” in complaints about the Department of Government Efficiency (DOGE) in the first quarter of 2025....more
On April 7, 2025, Arkansas passed the Arkansas Children and Teens’ Online Privacy Protection Act (HB 1717) - a state law modeled closely after the federal Children and Teens’ Online Privacy Protection Act (widely referred to...more
On April 21, 2025, Arkansas Governor Sarah Huckabee Sanders signed into law the Arkansas Children and Teens’ Online Privacy Protection Act (Act), which will become effective on July 1, 2026. It draws inspiration from the...more
As cybersecurity attacks continue to rise, the Oklahoma Legislature is taking efforts to update old laws regarding notification of security breaches. On January 14, 2025, Sen. Brent Howard and Rep. John Pfeiffer...more
A Durham County class action asks whether “My Chart,” a widely used portal that medical providers use to communicate with patients about test results, conditions, and treatments should more aptly be labeled “Our Chart.”...more
Topics that we often discuss on this blog are the use of third-party tracking tools and the California Invasion of Privacy Act (“CIPA”). Less discussed of late, however, is the California Consumer Privacy Act (“CCPA”) which,...more
While March featured a flurry of newly introduced comprehensive privacy bills, state legislatures now appear to be primarily focused on pushing existing proposals through the chambers. ...more
As noted in our last two client alerts, the issue as to who should be the watchdog to protect consumer personal data is coming to a head in the chapter 11 bankruptcy cases of 23andMe Holding Co and its affiliated debtors...more
23andMe, a pioneer in the DNA testing kit industry, announced that it has filed for Chapter 11 bankruptcy protection and recently asked to select an independent customer data representative regarding any sale of user data....more
On March 27, 2025, a class action lawsuit was filed against the education technology (EdTech) company Instructure, the parent company of Canvas, a popular learning management system. The complaint alleges that Instructure...more
Late in February, the California Privacy Protection Agency (CPPA) ordered the shutdown of Background Alert under the state’s Data Broker Registration Law. Background Alert aggregated public records to create detailed profiles...more
Our readers may recall a prior piece in which we discussed a New Jersey federal district court (“District Court”) decision denying constitutionality-related challenges to a New Jersey privacy law known as Daniel’s Law. Below,...more
With attention on Democratic Attorneys General vowing to fill the void left by weakened federal regulators, and perhaps a more partisan divide on enforcement generally, a bipartisan consensus is quietly emerging in the states...more
Starting April 3, Ohio hospitals will have to navigate new requirements under House Bill 173. This law mandates greater transparency in healthcare pricing. It also includes rules for selling or targeted advertising related to...more
On February 26 2025, the California Privacy Protection Agency (CPPA) published its first annual report for 2024 (Report). The Report highlights that the CPPA recovered more than USD170,000 of administrative fines for data...more
On March 6, the California Privacy Protection Agency (CPPA) proposed amendments to the data broker registration regulations pursuant to the California Delete Act that would introduce new definitions and requirements for data...more