State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
Unauthorized Access Returns With "Get to Know Joe" — Unauthorized Access Podcast
Brazil's AI Legislation
Episode 293 -- Catching Up with California and Other State Privacy Laws
Website Privacy Litigation
Recent Developments in California Privacy Laws - The Consumer Finance Podcast
In today’s hybrid and remote work environment, organizations are increasingly turning to digital employee management platforms that promise productivity insights, compliance enforcement, and even behavioral analytics. These...more
The Montana Legislature recently passed an update to the state’s Uniform Health Care Information Act (the Act), which creates standards for privacy and security of health care information maintained by Montana health care...more
With the introduction of the Data Sharing Act 2025 (the “Act”), Malaysia has formalised the rules governing the sharing of data between its public sector agencies. Designed to foster greater collaboration and efficiency, the...more
Hong Kong’s Privacy Commissioner for Personal Data (PCPD) recently published Guidelines for the Use of Generative AI by Employees. We look at the key points contained in the Guidelines below....more
To help our clients and readers sort through the volume of privacy, cyber, and AI news, we are switching Privacy, Cyber, & AI Decoded to a summary format. In this first edition, we look at a proposed 10-year moratorium on...more
What happens when online harassment crosses the digital divide? For a decade, the practice of swatting has been on the rise, and featured in news stories the world over. Swatting is a weaponized form of harassment that turns...more
CYBERSECURITY - U.S. Retailers Bracing for Scattered Spider Attacks - Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been...more
FTC Chairman Andrew Ferguson testified before the House Appropriations Committee’s Financial Services and General Government Subcommittee on May 15 to discuss the agency’s consumer protection and competition efforts and...more
M&A in the AI sector is redefining deal risk, especially when sensitive data is involved. As AI companies power breakthroughs in biotech, healthcare, defense, and critical infrastructure, the stakes for companies acquiring...more
Le 23 avril 2025, le Règlement sur la gestion et le signalement des incidents de sécurité de l’information de certaines institutions financières et des agents d’évaluation du crédit (le « Règlement ») est entré en vigueur au...more
Employees traveling internationally on behalf of an organization must take steps to protect sensitive, confidential, or proprietary data carried on electronic devices. U.S. Customs and Border Protection (CBP) has broad...more
Financial institutions that use code-based tracking technologies may soon find themselves facing increased scrutiny and legal exposure as the next wave of class action litigation begins. On December 19, 2024, a member of...more
The Measures outline requirements and procedures for self-initiated and regulator-mandated compliance audits from May 1, 2025....more
Selected U.S. Privacy & Cyber Updates - DOJ Settles False Claims Act Case with MORSECORP over Cybersecurity Program - On March 26, 2025, the U.S. Department of Justice (DOJ) announced that it had reached an agreement with...more
Negotiating a data processing agreement (DPA) is typically a necessary step when engaging vendors that handle personal data. However, these negotiations have become time consuming and complex, given the evolving privacy...more
Governance, risk, and compliance (GRC) can feel like thankless work at times. You can’t ship risk mitigation to market. It's not usually reflected on your balance sheet. Only especially canny investors notice the absence of...more
Artificial intelligence (AI) is rapidly reshaping the digital health sector, driving advances in patient engagement, diagnostics, and operational efficiency. However, for Privacy Officers, AI’s integration into digital health...more
Colorado was the third state in the U.S. to pass comprehensive privacy legislation, following in the footsteps of California and Virginia (the Colorado Privacy Act (the “CPA”). Now Colorado is increasing protections again,...more
Are you using artificial intelligence in your business operations? Do you have AI embedded in the goods and services you offer customers? The regulatory framework applicable to AI continues to develop, including across US...more
Under the new administration, the Customs and Border Protection Agency (CBP) is enforcing immigration laws more strictly, thus making the entry landscape into the United States challenging and burdensome for foreign...more
This episode is part of our “Bridging Campuses: Legal Insights on Education Industry Consolidation” series, where we discuss trends in higher education consolidation and closures, and outline common characteristics of at-risk...more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
Encryption is one of several cornerstones of a robust information security program. Articles on quantum computing often include the compelling narrative that encryption is at risk, but as with any revolutionary technology,...more
On April 22, FTC Commissioner Melissa Holyoak delivered the opening keynote at the IAPP Global Summit, where she emphasized the importance of vigorously enforcing privacy laws while warning against stretching the FTC’s...more
Hello, everyone. My name is Allan Medina. I am a partner in Goodwin’s Washington, DC, office, with a practice focus on government investigations. I’m here with Liza Craig, who is also a partner in the DC office. We are...more