The fatal flaws in the 2023 CRA rule
Evolving AI Legislation: Federal Policies, Task Forces, and Proposed Laws — The Good Bot Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
From Cell Phones to Tractors: The Right to Repair Movement Drives On — Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Solicitors General Insights: A Deep Dive With Mississippi and Tennessee Solicitors General — Regulatory Oversight Podcast
Leadership and Innovation at the Illinois AG's Office — Regulatory Oversight Podcast
Navigating the Future of Payment Stablecoins: Legislative Updates and Market Implications — Payments Pros – The Payments Law Podcast
Shifting Gears: Adapting to Regulatory Changes in Auto Finance — Moving the Metal: The Auto Finance Podcast
State AG Pulse | “Don’t Mess With Our Health or Our Kids!”
Podcast - FTC Commissioner Dismissals: Background and Implications
State AG Pulse | With the Reshaping of Government, More Power To State AGs
The Future of Auto Dealership Compliance: A Conversation With Tom Kline — Regulatory Oversight Podcast
State AG Pulse | DEI in the Federal and State Spotlight
The People's Protector: A Conversation With AG Jason Miyares — Regulatory Oversight Podcast
Bipartisan Leadership and Reform at NAAG: Insights From Brian Kane — Regulatory Oversight Podcast
The Standard Formula Podcast | Unpacking the IAIS’ Adoption of the Insurance Capital Standard
Balancing Law and Public Service: Insights From AG Formella — Regulatory Oversight Podcast
Hospice Insights Podcast - Upping the Ante: Will CMS’s Enhanced Oversight Efforts Cause Hospices to Fold?
As of May 27, 2025, Meta (Facebook and Instagram) will start using some of the personal data of European users to train its artificial intelligence (AI) systems, including tools such as Meta AI and Llama language models....more
On May 8 2025, the Swiss Federal Data Protection and Information Commissioner (FDPIC) confirmed that the Federal Act on Data Protection (FADP) is directly applicable to AI-supported data processing. The FDPIC clarified...more
2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
Maretta Morovitz is the Engage Lead at MITRE, where she simplifies the planning of adversary engagement for cyber defenders. Maretta likens her cyber defense work to the movie Home Alone, setting a series of traps for the...more
(The Consumer Protection Dispatch summarizes industry news and updates on emerging issues involving a variety of consumer protection issues including, but not limited to, data and AI.)...more
Introduction - In recent years, Ohio has made unique and nationally-mirrored efforts toward advancing a goal of protecting the personal data of its residents. In addition to joining other U.S. states in 2005 by requiring...more
Introduction - Illinois has enacted laws addressing rights and obligations related to data privacy. Companies and organizations that handle, collect, disseminate, or otherwise deal in nonpublic information have a number of...more
Introduction - Below is a brief outline of the legal regulation of personal protection in Ukraine. Governing Data Protection Legislation - 2.1. Overview of principal legislation - The main legal act governing...more
Introduction - We have compiled the main differences between the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing...more
Governing Data Protection Legislation - 2.1. Overview of principal legislation - The General Regulation Data Protection (Regulation (EU) 2016/679) (“GDPR”), as implemented by Law 190/2018 is the principal data...more
Introduction - Data protection is being driven by rapid technological advances and the increasing digitalization of society. Data protection legislation in Portugal is aligned with European Union law, in particular with...more
Introduction - The legal regime in India relating to data protection and privacy has undergone a significant re-haul and revamp. The Digital Data Protection Act, 2023 (“DPDPA”) received the President’s assent and was...more
Introduction - The General Data Protection Regulation (Regulation (EU) 2016/679) is the EU regulation which is directly applicable in all member states of the EU, including the Czech Republic, as of 25 May 2018. The new...more
In Argentina, data protection is governed by comprehensive legislation aimed at safeguarding individuals' personal data. Below you will find an outline of the key aspects including governing legislation, exploring their scope...more
On April 7, House Energy & Commerce Committee Chair Cathy McMorris Rodgers (R-WA) and Senate Commerce Committee Chair Maria Cantwell (D-WA) announced a bipartisan, bicameral draft of comprehensive data privacy legislation,...more
Health and Human Services (“HHS”) released updated guidance yesterday on the use of online tracking technologies (like cookies, pixels, software development kits (SDKs), etc.) by HIPAA Covered Entities (the “Updated...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
Selected U.S. Privacy and Cyber Updates - NYDFS Releases Circular Letter on Use of AI in Insurance Underwriting and Pricing - On January 17, 2024, the New York State Department of Financial Services (NYDFS) issued a proposed...more
It is indeed a tangled regulatory web woven to potentially trap an organization in the wake of a data incident. Navigating this web can involve significant resources, time, and stress. As we discussed in part two of this...more
Legislation requires data brokers to register with the California Privacy Protection Agency and comply with a one-stop consumer deletion mechanism by 2026 - The wave of data privacy legislation in California continues as...more
Are Automakers Making Sufficient Efforts to Protect Customer Data? With the ever-expanding Internet of Things, data privacy is a growing concern in today’s digital age. The automotive industry is no exception. The National...more
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach. Originally published in Reuters -August 24, 2023...more