Balch’s Consumer Finance Compass: How Standing Can Make or Break Certification for Class Action Lawsuits in Debt Collection
Top challenges with Compliance Management
Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
SCOTUS Clean Air Act Cases: What’s New?
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
From Permits to Penalties: A Deep Dive Into Coastal Development Law
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
PODCAST: Williams Mullen's Benefits Companion - Gag Clause Prohibitions
Cannabis Law Now Podcast - Cannabis in the Show Me State: An Interview with BeLeaf Medical's Mitch Meyers
Compliance Tip of the Day – COSO Objective 1 – Control Environment
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Episode 374 -- Justice Department Resumes FCPA Enforcement with New, Focused Guidance
2 Gurus Talk Compliance – Episode 54 – The FCPA is Back On Edition
Cruising Through Change: The Auto-Finance Industry’s New Era Under Trump Unveiled — The Consumer Finance Podcast
2023 CRA Rule Repeal: Lessons to be Learned
The Classification of Gasoline & Gasoline Fumes as a Carcinogen: Considerations for Corporate Executives & Attorneys
On June 18, 2025, the United States District Court for the Northern District of Texas Amarillo Division issued an opinion, Purl v. Department of Health and Human Services, declaring the U.S. Department of Health and Human...more
On 4 June 2025, the European Data Protection Board published guidelines clarifying how EU-based companies should assess requests from foreign authorities for access to EU personal data. The EDPB emphasizes that such requests...more
A new Insight published by our Morgan Lewis colleagues highlights the complex legal landscape data centers face in the United States, particularly concerning cybersecurity, privacy, and national security. Cybersecurity...more
Unlike Europe’s comprehensive General Data Protection Regulation framework, the United States still lacks an all-encompassing data privacy statute. Instead, data centers operating in the United States must navigate a complex...more
On June 22, 2025, Governor Abbott signed the Texas Responsible Artificial Intelligence Governance Act (TRAIGA), which will take effect January 1, 2026. Any business or government agency working with AI in Texas should take...more
Cyber regulations are crucial for the protection of individuals and businesses and aid in risk minimization; failure to comply with these regulations can result in severe consequences such as financial penalties, legal...more
Our Privacy, Cyber & Data Strategy Team discusses how to overcome five challenges companies face in the wake of a data security incident when reviewing impacted data to comply with legal obligations....more
Texas has become the second state, after Colorado, to enact omnibus legislation regulating artificial intelligence (AI) systems. On June 22, 2025, Texas Gov. Greg Abbott signed into law the Texas Responsible Artificial...more
With the use of artificial intelligence (“AI”) becoming more pervasive every day, it should not surprise our readers that regulators are increasingly focused on the use of AI and its associated consumer data privacy...more
Utah Governor Spencer J. Cox signed three state AI bills into law that took effect May 7, 2025. These laws require businesses to make “you’re talking to a bot” disclosures and comply with privacy requirements when using AI in...more
California Assembly Bill 2013 (AB 2013), known as the Generative Artificial Intelligence: Training Data Transparency Act, was signed into law on September 28, 2024, and is set to take effect on January 1, 2026. ...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
Last May, Colorado Governor Jared Polis signed into law amendments to the Colorado Privacy Act ("CPA") that impose new obligations governing the collection, processing, retention, and disclosure of Coloradans' biometrics. The...more
Artificial intelligence (AI) is rapidly changing the hiring landscape. Whether scanning resumes with machine learning tools or ranking candidates based on predictive models, employers in Canada may now want to ensure...more
In today's world, violations of individual privacy and secret disclosure are a serious problem. It may be eavesdropping, interception, recording, and the spreading of personal information without the consent of the other...more
Below, we catalog certain current state laws regulating the development and use of AI systems and technologies passed between 2019 and 2025. This list focuses on legislative initiatives that have passed and are in effect or...more
During the 2024 legislative session, the Colorado General Assembly passed Senate Bill 24-205, which is known as the Colorado Artificial Intelligence Act (CAIA). This law will take effect on February 1, 2026, and requires...more
On May 6, Indiana Governor Mike Braun signed House Enrolled Act No. 1125 into law, making Indiana the latest state to enact a statutory framework for regulating earned wage access (EWA) products. The Indiana Earned Wage...more
On April 21, 2025, the Federal Trade Commission (FTC) finalized a significant and long-awaited update to the Children’s Online Privacy Protection Act (COPPA) Rule—the law’s first update since 2013. The revised Rule introduces...more
After the Children’s Online Privacy Protection Rule (COPPA) updates, proposed by the FTC’s Final Rule, were paused due to an Executive Order in January this year, many wondered whether that would be the end of the long...more
Businesses need to remain vigilant regarding recent developments in consumer-based data privacy class actions. In recent weeks, the plaintiff class action bar has filed several lawsuits against The Trade Desk Inc. related to...more
Automated decision-making, or ADM, is used for a wide range of use cases that impact individuals — from processing insurance claims and credit scoring, to ranking job candidates and offering personalized pricing or targeted...more
Oregon’s Attorney General released a new report this month, summarizing the outcomes since Oregon’s “comprehensive” privacy law took effect six months ago. A six-month report isn’t new: Connecticut released a six month report...more
In the beginning of March, I gave a presentation on AI legal developments. One of the attendees astutely pointed out that the current legal framework seems to focus on B2C use cases. I agreed. The focus is consumer...more