The fatal flaws in the 2023 CRA rule
Daily Compliance News: May 16, 2025, The Ethics Nightmare Edition
New York State Restaurant Reservation Anti-Piracy Act Cracks Down on a "Leech Industry"
Consumer Finance Monitor Podcast Episode: The Impact of the Election on the FTC
Compliance Tip of the Day: Standing at the Turning Point
Federal Court Strikes Down FDA Rule on LDTs - Thought Leaders in Health Law®
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
100 Days In: What Employers Need to Know - Employment Law This Week® - #WorkforceWednesday®
Breaking Down the Shifting Vaccine Policy Landscape – Diagnosing Health Care Video Podcast
Fair Lending Shake-Ups: CFPB Vacates Townstone Settlement, FHFA Ends GSEs' Special Purpose Credit Programs — The Consumer Finance Podcast
Brooklyn District Attorney Eric Gonzalez – Innovative Approach to Safety
Exploring the Administration's Regulatory Impact on Private Equity — PE Pathways Podcast
Aligning Business Goals with Legal Strategies Amid Regulatory Change – Speaking of Litigation Video Podcast
Shifting Gears: Adapting to Regulatory Changes in Auto Finance — Moving the Metal: The Auto Finance Podcast
Podcast - Hot Topics in FDA Regulation: GLP-1s, LDTs, AI and More
Consumer Finance Monitor Podcast Episode: Everything You Want to Know About the CFPB as Things Stand Today, and Lots More - Part 2
Compliance into the Weeds: The Uncertain Future of Compliance Monitors under the Trump Administration
Cannabis Law Now Podcast - From Law Firm to Board Room: The Journey of a Cannabis Entrepreneur
Daily Compliance News: April 15, 2025, The Redefining Corruption Edition
Predictions regarding the 2023 CRA Rule and Section 1071 and how to prepare for expected developments
The cross-border transfer of personal information (hereinafter referred to as “PI,” and such transfers as “PI export”) is a routine and often essential part of business operations for companies in China—particularly...more
On March 18, 2025, the European Commission proposed to extend its adequacy decision in favor of the United Kingdom (‘UK’) for an additional six-month period. This would allow free flows of personal data from the EU to the UK...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
On March 20, 2025, the new Federal Law for the Protection of Personal Data held by Private Parties (LFPDPPP of 2025) was published in the Official Gazette of the Federation. The LFPDPPP of 2025 entered into force on March 21,...more
As 2025 begins, businesses across the U.S. will be required to navigate an even more expanded landscape of state-level privacy regulations. In all, eight states are introducing comprehensive privacy laws, further adding to...more
The Personal Data Protection (Amendment) Bill 2024 (“PDPB”) was at last passed by the Malaysian Parliament at the end of July. After Royal Assent and publishing, it will become law (on a date to be determined by the Minister...more
Rhode Island has become the 19th U.S. state to enact a comprehensive privacy law. On June 25, Rhode Island Governor Daniel McKee (D) transmitted the Rhode Island Data Transparency and Privacy Protection Act (RI-DTPPA) into...more
On May 24, Minnesota Governor Tim Walz (D) signed the Minnesota Consumer Data Privacy Act (MCDPA) into law. The MCDPA largely aligns with previous state consumer privacy laws, but it introduces some significant and novel...more
On May 9, 2024, Governor Wes Moore signed into law the Maryland Online Data Privacy Act of 2024 (“MODPA”). MODPA will take effect on October 1, 2025, but will not apply to personal data processing activities occurring before...more
Minnesota becomes the latest state to move to pass legislation regulating the processing and controlling of personal data (HF 4757 / SF 4782). If signed into law by Governor Tim Walz, the Minnesota Consumer Data Privacy Act,...more
On May 9, Maryland became the second state to enact an (AADC), the Maryland Kids Code, alongside the Maryland Online Data Privacy Act (MODPA) — Maryland’s first comprehensive data privacy bill. Maryland’s AADC follows...more
On May 9, Maryland Governor Wes Moore signed the Maryland Online Data Privacy Act (MODPA) into law, making Maryland the 17th state to enact a comprehensive privacy law. Despite its name, MODPA’s coverage is not limited to...more
On May 8, attorneys general (AG) from 14 states and the District of Columbia sent a letter to Congressional leadership opposing provisions of the recently proposed federal American Privacy Rights Act (APRA). In addition to...more
On April 7, House Energy & Commerce Committee Chair Cathy McMorris Rodgers (R-WA) and Senate Commerce Committee Chair Maria Cantwell (D-WA) announced a bipartisan, bicameral draft of comprehensive data privacy legislation,...more
On March 6, 2024, New Hampshire Governor Chris Sununu signed into law SB 255-FN, An Act Relative to the Expectation of Privacy (the “Act”), making New Hampshire the 14th state to enact a comprehensive data privacy law —...more
On April 4, Kentucky Governor Andy Beshear signed the Kentucky Consumer Data Protection KCDPA (the KCDPA) into law, making Kentucky the third state in 2024 to enact a comprehensive privacy law (following New Jersey and New...more
On February 28, 2024, U.S. President Joe Biden issued Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern (EO), which authorizes...more
On January 16, 2024, New Jersey became the fourteenth state to enact comprehensive privacy legislation after the passage of the New Jersey Data Privacy Act (“NJDPA”), adding to the growing national focus on consumer personal...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
On January 16, New Jersey Governor Phil Murphy signed S332 (the act), making New Jersey the first state in 2024 to enact a comprehensive privacy law. Several other states are currently considering similar comprehensive...more
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill No. 332, “An Act concerning online services, consumers, and personal data” (“SB 332”). New Jersey is the fourteenth state to pass a...more
Similar to the well-known California Consumer Privacy Act, on July 1, 2024, the Colorado Privacy Act (CPA) goes into effect and will provide Colorado residents with express rights over their data collected by businesses. The...more
In 2023, the privacy landscape saw a proliferation of comprehensive state data privacy laws being enacted in several jurisdictions, as well as a few that have also taken effect. Although, many of the laws are similar,...more
CYBERSECURITY - New York Governor Proposes Cybersecurity Regulations for NY Hospitals - On November 13, 2023, Governor Kathy Hochul released proposed cybersecurity regulations applicable to all hospitals located within...more
Delaware is the latest state to enact a comprehensive data privacy law, which creates unique compliance challenges and risks for companies....more