We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
How Startups Can Comply With Ever-Changing Privacy Laws
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Fashion Counsel: Privacy in the Retail Fashion Industry
Healthcare Privacy Walkthroughs
CF on Cyber: An Update on the Florida Security of Communications Act (FSCA)
NGE On Demand: Privacy Considerations for Remote Work Productivity Monitoring with David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
Education Data Privacy and Security Laws: Best Practices for School Districts
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
BakerHostetler Partner Alan Friel Talks Big Data and Data Collection
IP|Trend: It’s Time to Get to Know the Federal Trade Commission
IP|Trend: Keeping Your Start-Up Compliant
Yul Kwon, Head of @Facebook's Privacy Program & CBS 'Survivor' Winner, Opens Up On @HsuUntied
Throughout 2025, we saw a noticeable uptick in requests from California residents invoking their rights under the state’s “Shine the Light” law, Cal. Civ. Code § 1798.83. ...more
Publishing a website privacy policy is now standard practice. But assuming that a single, generic policy covers everything is inherently risky. In reality, privacy obligations can arise from several directions: baseline...more
Compliance sweep to be undertaken by the OAIC - The Office of the Australian Information Commissioner (the OAIC) has kick-started the year by beginning its first compliance sweep. The OAIC will select approximately 60...more
Florida has suddenly become flooded with “digital wiretapping” lawsuits or demand letters targeting companies that use standard tracking technologies on their websites or in marketing emails. While historically many of these...more
As privacy regulations continue to evolve in the U.S., states are increasingly requiring businesses to honor universal opt-out signals that communicate a consumer’s data-sharing preferences. Global Privacy Control (GPC) is a...more
Does your company operate a website and do business in California? If so, you may soon receive (if you have not already) a letter from a law firm on behalf of a California resident aggrieved by your alleged violation of the...more
Businesses may be feeling a bit of whiplash from a recent federal court ruling on California’s wiretapping law and should be on alert for whether their website tracking technology could be used to file a viable lawsuit. On...more
As we’ve said, privacy compliance has long since evolved beyond check-the-box expectations. Today, organizations can no longer afford to be passive about privacy, and instead must be actively engaged in managing all aspects...more
A California federal court recently handed businesses another major victory in the ongoing wave of privacy lawsuits targeting website analytics and tracking tools. On September 30, Judge Fernando Aenlle-Rocha of the Central...more
Does your company’s website use automated bots to interact with visitors? A wave of Florida-based privacy litigation has created new compliance considerations for businesses that use what are now commonplace website tools. If...more
A federal judge in San Francisco just gave website operators a major win, calling the California Invasion of Privacy Act “a total mess” – but the ruling also highlights major privacy risks businesses still face nationwide....more
In this post: (1) Courts find cookie banners and sign-in banners place users on notice of privacy policy; (2) but policy must explicitly notify users of practice to establish consent; (3) Courts disagree whether disclosure of...more
Pennsylvania could soon join the growing list of states to enact comprehensive data privacy laws, and businesses that operate in PA must take note. Earlier this month, the commonwealth’s House passed a bipartisan consumer...more
Employers in Washington who use biometric timekeeping or security tools should take note of recent developments. While current state laws provide some exemptions for employment-related uses of biometric data, new litigation...more
California’s Invasion of Privacy Act (CIPA) was enacted in 1967 to prevent unlawful wiretapping. Nearly sixty years later it is being used in a new way: to challenge how websites collect and share user data. Today,...more
For those keeping track of the growing list of US state “comprehensive” privacy laws, you know that the Maryland law (the Maryland Online Data Privacy Act or MODPA) went into effect on October 1st. This rounds us out for US...more
In 2019, the US data privacy framework changed significantly with the emergence of the California Consumer Privacy Act which created a significant compliance burden for most businesses that collect personal information about...more
The California Privacy Protection Agency, the state’s main data privacy regulator, just announced its largest fine yet – a record-setting $1.35 million – against an employer that it found to have violated job applicant and...more
After a three-week trial, on Sept. 3, a California federal jury found Google liable for two California law-based claims in invasion of privacy and common-law inclusion upon seclusion. The class action, Rodriguez v. Google...more
No more “checking the box.” Privacy policies should no longer be boilerplate for organizations that handle consumer data. Although the policies may be viewed by some organizations as an unimportant “box to check,” they are...more
Data scraping is an automated process through which computer programs extract vast amounts of data from the internet at a faster rate than manual data collection methods....more
Researchers at Arizona State University and Citizen Lab have discovered that three families of Android VPN applications, used by millions of people worldwide, are related and owned by companies or individuals located in...more
In today’s digital landscape, a website privacy policy is no longer just a legal formality—it’s a critical shield for your business and a trust-building tool for your customers. Here’s why every company should prioritize...more
Amendment 13, which significantly updates privacy laws in Israel, has come into effect! If you still don’t know what to do to comply with the requirements, we’ve prepared a guide to help you address the main issues (not all...more
New Jersey officials recently released proposed privacy regulations that would create several new compliance obligations for businesses above and beyond what existing state law and many other state laws require, meaning you...more