Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Fashion Counsel: Privacy in the Retail Fashion Industry
Healthcare Privacy Walkthroughs
CF on Cyber: An Update on the Florida Security of Communications Act (FSCA)
NGE On Demand: Privacy Considerations for Remote Work Productivity Monitoring with David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
Education Data Privacy and Security Laws: Best Practices for School Districts
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
BakerHostetler Partner Alan Friel Talks Big Data and Data Collection
IP|Trend: It’s Time to Get to Know the Federal Trade Commission
IP|Trend: Keeping Your Start-Up Compliant
Yul Kwon, Head of @Facebook's Privacy Program & CBS 'Survivor' Winner, Opens Up On @HsuUntied
An Overview of the 2014 Class Action Survey
Can a website copy terms of use or a privacy policy from a similar website?
A recent decision from the Northern District of California may signal an important shift in the trend of how courts interpret “consent” under the Video Privacy Protection Act (VPPA). In Lakes v. Ubisoft, Inc., No....more
Online retailer Harriet Carter Gifts recently obtained summary judgment from the district court in a class action under Pennsylvania wiretap law. At the heart of this case is the interpretation and application of the...more
When browsing the internet, consumers are accustomed to being presented with advertisements for products for which they previously had searched. Through use of third-party tracking tools, companies are able to monitor visitor...more
On 21 March 2025, the New Federal Law for the Protection of Personal Data in Possession of Private Parties came into effect, superseding and repealing the prior data protection law....more
In late March, an online retailer successfully asserted consent as a complete defense to a putative Pennsylvania Wiretapping and Electronic Surveillance Control Act of 1978 (WESCA) class action lawsuit, resulting in the...more
The following is sufficient consent for the Video Privacy Protection Act and the California Invasion of Privacy Act, according to a recent decision in the U.S. District Court for the Northern District of California....more
An oft-discussed topic on this blog is the rise in lawsuits asserting illegal wiretapping claims against companies that use technology on their websites to track consumer interactions. Recently, a Pennsylvania federal judge...more
Businesses operating in California that rely on location tracking – whether for fleet management, employee monitoring, logistics, or marketing – should pay close attention to a bill that would dramatically alter the legal...more
On February 10, 2025, the first class action complaint was filed pursuant to Washington’s MY Health MY Data Act (“MHMDA”), Wash. Rev. Code Ann. § 19.373.005 et seq. See Maxwell v. Amazon.com, Inc. et al., Case No. 2:25-cv-261...more
Almost every business has a website; every website should have a privacy policy, terms of use, and, in some cases, a consumer privacy rights notice—if certain state consumer privacy rights laws apply to your business, such as...more
If you are the owner of a telemarketing business, there is a good chance that you are familiar with The Campaign Registry (“TCR”). TCR registration is essential for businesses for several reasons. Crucially, it ensures that...more
A new decision by the United Kingdom’s high court says that even if you have cookie and marketing consent mechanisms that are sufficient for valid consent under privacy laws for the general public, they may not be enough for...more
Wearable technologies are becoming increasingly common in the workplace, but a new guidance document from the Equal Employment Opportunity Commission (EEOC) has made it clear that employers need to tread carefully. From smart...more
The Colorado attorney general’s office just adopted significant updates to the Colorado Privacy Act (CPA) rules, which will soon introduce new obligations related to biometric data, employee biometrics, children’s privacy,...more
Colorado employers could soon need to comply with the disclosure and consent requirements of the state’s privacy act when they collect biometric identifiers from employees or applicants – which would make Colorado the first...more
Website owners often struggle to design privacy policies that are not only comprehensive, but also comprehensible. The tension between these competing concerns was in sharp focus in a recent Ninth Circuit decision, Calhoun v....more
Businesses with a website beware: California regulators just warned that the law prohibits your website from making website users jump through hoops or otherwise confusing them as they try to exercise their privacy rights,...more
In a significant move to enhance consumer privacy and promote transparency in digital practices, the New York State Attorney General recently published two critical guides: “Website Privacy Controls: A Guide for Business” and...more
On July 30, 2024, in a 91-3 vote, the U.S. Senate passed the bill for the Kids Online Safety and Privacy Act (the “Bill”). The Bill, which combines the bills for the Kids Online Safety Act (“KOSA”) and the Children and Teens’...more
Key Points - The Senate has passed landmark children’s online privacy and safety legislation via a near-unanimous vote shortly before departing for the August recess. The bill is comprised of revised versions of the Kids...more
Some writers (not from my great state of Rhode Island) act like Rhode Island has been behind the times when it comes to data privacy and security when discussing Rhode Island’s new privacy law. I feel a need to explain that...more
In just a few short weeks, a new front may emerge for biometrics litigation in the United States. On March 31, 2024, the My Health My Data Act (“MHMDA”) will go into effect in Washington for most entities that conduct...more
For decades, medical providers and other covered entities have satisfied their health-data privacy obligations by complying with the federal Health Insurance Portability and Accountability Act (HIPAA) — but this is changing...more
Remember that old parody of the Battle Hymn of the Republic we used to sing before there was an Internet? There are apparently many versions, but they all generally involve children inflicting various types of mayhem on their...more
What You Need To Know In A Minute Or Less - Throughout this series, we have discussed the recent surge of session replay lawsuits—particularly in Pennsylvania, California, and Florida—and the potential for these cases to...more