We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
How Startups Can Comply With Ever-Changing Privacy Laws
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Fashion Counsel: Privacy in the Retail Fashion Industry
Healthcare Privacy Walkthroughs
CF on Cyber: An Update on the Florida Security of Communications Act (FSCA)
NGE On Demand: Privacy Considerations for Remote Work Productivity Monitoring with David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
Education Data Privacy and Security Laws: Best Practices for School Districts
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
BakerHostetler Partner Alan Friel Talks Big Data and Data Collection
IP|Trend: It’s Time to Get to Know the Federal Trade Commission
IP|Trend: Keeping Your Start-Up Compliant
Yul Kwon, Head of @Facebook's Privacy Program & CBS 'Survivor' Winner, Opens Up On @HsuUntied
As we enter 2026, the changes of the last several years are no longer abstract. Technology decisions are now examined closely by regulators, courts and counterparties, often long after those decisions were made. At the same...more
Although Indiana adopted the Consumer Data Protection Act (CDPA) in 2023, on January 1, 2026, the CDPA rubber officially hit the road. This data privacy law regulating how businesses must handle the personal information of...more
The California Consumer Privacy Act (CCPA) Regulations got a New Year update, with amendments effective on January 1, 2026. Think of these changes as a front-door refresh—strengthening key points to the privacy program—rather...more
A recent Pennsylvania Supreme Court ruling could have broad implications for internet privacy, and employers should take note. The state’s high court ruled in December that individuals do not have a reasonable expectation of...more
Florida has suddenly become flooded with “digital wiretapping” lawsuits or demand letters targeting companies that use standard tracking technologies on their websites or in marketing emails. While historically many of these...more
As announced in late 2025, the Office of the Australian Information Commissioner (OAIC) will in this month commence a crackdown on the privacy policies of organisations that collect information in-person. The OAIC has...more
Starting in January, three state app store age verification laws will take effect: Texas’ App Store Accountability Act (effective Jan. 1), Utah’s App Store Accountability Act (effective May 7) and Louisiana’s App Store...more
As our readership is aware, the Application-to-Person (“A2P”) 10-digit long code (“10DLC”) ecosystem continues to evolve as mobile carriers refine their requirements for The Campaign Registry (“TCR”). The year 2025 saw a...more
As privacy regulations continue to evolve in the U.S., states are increasingly requiring businesses to honor universal opt-out signals that communicate a consumer’s data-sharing preferences. Global Privacy Control (GPC) is a...more
As the year comes to a close and businesses prepare to wrap up 2025, there’s one critical task that should not be overlooked — a comprehensive legal check-up. Just as we schedule annual physicals to safeguard our personal...more
Is your website’s privacy policy up-to-date? For businesses covered by the California Consumer Privacy Act (CCPA) and the expanded 2026 regulations, annual reviews and updates are required—not optional....more
Does your company operate a website and do business in California? If so, you may soon receive (if you have not already) a letter from a law firm on behalf of a California resident aggrieved by your alleged violation of the...more
Over the last several years, plaintiffs’ attorneys and other individuals have used antiquated wiretapping laws, including California’s 1967 wiretapping act, to allege that businesses with websites utilizing third parties and...more
Question: I’m aware that there are new state consumer privacy laws coming into effect on January 1, 2026, along with recently approved CCPA regulations. Do I need to update my business’s privacy policy and other...more
Businesses may be feeling a bit of whiplash from a recent federal court ruling on California’s wiretapping law and should be on alert for whether their website tracking technology could be used to file a viable lawsuit. On...more
Claimants are reviving a 1960s-era wiretapping law to challenge common website tracking tools – including pixels, session replay, chat widgets, and more. Data privacy and compliance professionals navigate an increasing number...more
As you slowly emerge from your tryptophan coma next week, and realize that the first of December is upon us, many complex legal tasks may seem too daunting to face. Luckily, the privacy team at Stoel Rives has developed a...more
During a recent gathering of data privacy and security experts, regulators from the Maryland and Delaware Offices of Attorney General provided their insights regarding priorities for state privacy enforcement and...more
“Trap and trace” and website privacy lawsuits are on the rise nationwide. Plaintiffs’ lawyers are zeroing in on companies that use chat tools, analytics, or ad pixels without proper disclosures or consent. The common thread?...more
Recent developments from the Network Advertising Initiative (NAI) and the California Privacy Protection Agency (CPPA) impact how businesses manage consumer opt-out preferences and Global Privacy Control (GPC) signals. Below...more
While it’s common for companies to think that simply having a data privacy policy is enough to meet privacy law requirements, a strong privacy program involves much more than what’s visible on the “stage.” Behind the curtain,...more
LinkedIn’s updated generative AI policy has prompted plenty of questions, and for good reason. As of November 3, 2025, the popular social media network began using certain member data to train the generative-AI models that...more
As we’ve said, privacy compliance has long since evolved beyond check-the-box expectations. Today, organizations can no longer afford to be passive about privacy, and instead must be actively engaged in managing all aspects...more
Although New York and California remain epicenters for ADA and privacy-related website litigation, these issues are not confined to those jurisdictions. Plaintiffs’ firms are increasingly filing similar suits in other states,...more
A California federal court recently handed businesses another major victory in the ongoing wave of privacy lawsuits targeting website analytics and tracking tools. On September 30, Judge Fernando Aenlle-Rocha of the Central...more