Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Fashion Counsel: Privacy in the Retail Fashion Industry
Healthcare Privacy Walkthroughs
CF on Cyber: An Update on the Florida Security of Communications Act (FSCA)
NGE On Demand: Privacy Considerations for Remote Work Productivity Monitoring with David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
Education Data Privacy and Security Laws: Best Practices for School Districts
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
BakerHostetler Partner Alan Friel Talks Big Data and Data Collection
IP|Trend: It’s Time to Get to Know the Federal Trade Commission
IP|Trend: Keeping Your Start-Up Compliant
Yul Kwon, Head of @Facebook's Privacy Program & CBS 'Survivor' Winner, Opens Up On @HsuUntied
An Overview of the 2014 Class Action Survey
Can a website copy terms of use or a privacy policy from a similar website?
On March 23, 2025, 23andMe, along with its affiliates, filed for voluntary Chapter 11 bankruptcy. The company’s decision to file for bankruptcy follows in the wake of a 2023 data breach affecting close to 7 million customer...more
Un paquete de reformas relevantes fue aprobado recientemente en México, introduciendo nuevas regulaciones en materia de protección de datos personales y transparencia. Este cambio estructural en el marco normativo mexicano se...more
A major reform package was recently enacted in Mexico introducing new regulations on personal data protection and transparency. This structural shift in Mexico’s regulatory framework will unfold over the coming months, but...more
On 21 March 2025, the New Federal Law for the Protection of Personal Data in Possession of Private Parties came into effect, superseding and repealing the prior data protection law....more
Oregon consumers submitted more than 100 privacy complaints to the state’s justice department within six months of the Oregon Consumer Privacy Act (OCPA) taking effect, and businesses subject to the new law need to take note....more
“Don’t Mess with Texas.” It’s an evocative phrase, which is probably why it survived so long past its humble origins as a 1980s campaign slogan to discourage drivers from littering on Texan highways....more
We explore what trustees need to be aware of when dealing with data and complying with their obligations under the Data Protection (Bailiwick of Guernsey) Law, 2017 and related legislation (the "DP Law")....more
On January 10, 2025, in the waning days of the Biden Administration, the Consumer Financial Protection Bureau issued a Request for Information Regarding the Collection, Use, and Monetization of Consumer Payment and Other...more
A new decision by the United Kingdom’s high court says that even if you have cookie and marketing consent mechanisms that are sufficient for valid consent under privacy laws for the general public, they may not be enough for...more
DeepSeek, a Chinese artificial intelligence (“AI”) startup, recently made waves across the global AI landscape with the release of its latest open-source R1 model. While some versions of DeepSeek’s model can be downloaded and...more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
Your perspectives and perceptions towards a problem drive your approach to solving that problem. Managing data privacy challenges are no different. Therefore, to address today’s issues, it is a worthwhile exercise to review...more
Tomorrow is International Data Privacy Day, so a happy day to all! More seriously, data privacy concerns and legislation continue to rapidly increase. It has been estimated that by the end of 2024 more than 75 percent of...more
App permissions do not satisfy the requirements for valid consent for the purpose of GDPR because they lack sufficient detail and granularity, according to the Commission Nationale de l’Informatique et des Libertés (CNIL)....more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
As 2025 begins, businesses across the U.S. will be required to navigate an even more expanded landscape of state-level privacy regulations. In all, eight states are introducing comprehensive privacy laws, further adding to...more
If your business is one of the lucky ones that has not yet had to address the requirements of the various consumer privacy laws across the country, it is once again time to check whether your status has changed. Eight more...more
The Dutch Data Protection Authority (the “Dutch DPA”) issued a €4.75 million (approximately $5 million USD) fine on Netflix in connection with a data access investigation that started in 2019. The investigation arose out of...more
We work with many US-based businesses that ask us to update their privacy policies to make sure they comply with current data protection laws that apply to them. These businesses are usually referring to their website privacy...more
On September 13, 2024, the Colorado Attorney General’s office (the Colorado Department of Law) proposed draft amendments (draft regulations) to its Colorado Privacy Act (CPA) regulations, which took effect in 2023. The draft...more
As January 2025 privacy strategy planning ramps up this fall, our Privacy, Security, & Artificial Intelligence team has put together a planning alert for 2024–2025. In this installment, we review the following nine state...more
Website owners often struggle to design privacy policies that are not only comprehensive, but also comprehensible. The tension between these competing concerns was in sharp focus in a recent Ninth Circuit decision, Calhoun v....more
What is a Privacy Policy? A company’s privacy policy details its commitments regarding the handling and use of consumer data. The policy must explicitly define the company’s practices for collecting, storing, processing, and...more
Las compañías que hacen negocios en México deben revisar las políticas y prácticas pertinentes para asegurarse de que se alinean al marco integral de privacidad de datos del país. Específicamente, querrá evaluar sus avisos de...more
Companies doing business in Mexico should review relevant policies and practices to ensure they align with the country’s comprehensive data privacy framework. Specifically, you’ll want to assess your privacy notices, data...more