State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
Unauthorized Access Returns With "Get to Know Joe" — Unauthorized Access Podcast
Brazil's AI Legislation
Episode 293 -- Catching Up with California and Other State Privacy Laws
Website Privacy Litigation
Recent Developments in California Privacy Laws - The Consumer Finance Podcast
A California federal court just certified a significant class action involving allegations that a health-tracking app improperly shared sensitive health information with third parties without user consent. The court’s May 22...more
A new federal law criminalizes nonconsensual intimate imagery and gives covered websites, mobile applications, and other online platforms merely 48 hours to comply with requests to take down such materials. On May 19, 2025,...more
On April 24 2025, the French supervisory authority (CNIL) issued a draft recommendation to address challenges in collecting user consent for cookies and trackers across multiple devices (the Draft Recommendation). The new...more
Recent months have seen a dramatic increase in demand letters and litigation targeting websites and mobile apps. These claims often allege privacy violations stemming from the use of various technologies such as chat bots,...more
On February 14, 2025, in Therrien v. Hearst Television, Inc., the District of Massachusetts denied a motion for class certification due to the plaintiff’s failure to meet the implied ascertainability requirement of Rule 23....more
The New York Attorney General recently entered into an assurance of discontinuance with Saturn Technologies, operator of an app used by high school and college students. The app was designed to be a social media platform that...more
This week California Attorney General Rob Bonta announced a new investigative sweep under the California Consumer Privacy Act (CCPA). We have anticipated this sweep for some time based on the focus and the direction of a...more
On February 10, 2025, the first class action complaint was filed pursuant to Washington’s MY Health MY Data Act (“MHMDA”), Wash. Rev. Code Ann. § 19.373.005 et seq. See Maxwell v. Amazon.com, Inc. et al., Case No. 2:25-cv-261...more
An online retailer was recently hit with the first class action under Washington’s consumer health data privacy law alleging that it used advertising software attached to certain third-party mobile phone apps to unlawfully...more
The first class action complaint was filed under Washington’s My Health My Data Act (“MHMDA”) on February 10, 2025, more than a year after the law’s passage. When the law passed in April 2023, MHMDA was novel for its broad...more
While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process....more
The new year serves as a reminder that – at least annually – businesses of all sizes should review their websites, applications and other data-related resources to ensure that they are up to date. Scheduling a regular cadence...more
Despite bipartisan support for banning TikTok – essentially spyware presenting a national security threat from the People’s Republic of China (PRC) – in the United States (as done by India) and the Supreme Court’s upholding...more
App permissions do not satisfy the requirements for valid consent for the purpose of GDPR because they lack sufficient detail and granularity, according to the Commission Nationale de l’Informatique et des Libertés (CNIL)....more
Anticipating enforcement priorities of regulators may partly rely on their long-term trajectory and domestic dynamics, which differ from a country to another. This action plan reflects CNIL’s ambition (i) to be appointed by...more
Some businesses might be surprised to learn that digital wiretapping litigation claims are one of today’s fastest-growing compliance risks, with over 1,560 lawsuits filed in 28 states since a groundbreaking 2022 decision...more
The Federal Trade Commission (FTC) and the Los Angeles County District Attorney on July 9, 2024, announced a complaint and proposed stipulated order against NGL Labs, LLC, and two NGL co-founders concerning the “NGL: ask me...more
In its ongoing concern with “dark patterns,” the FTC recently announced results of two reviews of sites and apps purportedly engaging in the practice. As a reminder, the FTC views as “dark patterns” practices or web designs...more
While generative artificial intelligence (AI) apps – such as Chat-GPT, Google Gemini, and Stable Diffusion – are capturing the national spotlight, many businesses are using other forms of machine learning, algorithms, and...more
As 2024 gets underway, California's regulators have continued to press forward in seeking to enforce the California Consumer Privacy Act (CCPA). Two recent developments warrant mentioning....more
The Children’s Advertising Review Unit (CARU) released new guidelines for interacting with children in the metaverse: Building Guardrails for Child-Directed Advertising & Privacy in the Metaverse. The guardrails are intended...more
The California Attorney General's (the "Cal AG") office appears to be moving forward with enforcement activities, despite a recent court ruling delaying enforcement of CPRA regulations. In the past month, since the amendments...more
On June 2, 2023, the Civilian Agency Acquisition Council and the Defense Acquisition Regulations Council issued an interim rule to implement a new statutory requirement that, in short, bans the TikTok app from devices used in...more
Last Friday, the Federal Acquisition Regulatory Council published an interim final rule ("IFR") to ban the use of a ByteDance Covered Application (i.e., TikTok) in government contracting. The IFR is effective June 2, 2023....more
The FTC released a Notice of Proposed Rulemaking (NPRM) to introduce changes to the Health Breach Notification Rule (HBNR). While the HBNR began as a breach notification rule seemingly focused on a narrow set of applications...more