State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
While the US federal government is largely scaling back its rulemaking and compliance efforts, one critical exception is where personal data and technology intersect with national security. Exemplifying this trend, on April...more
On January 8, the US Department of Justice (DOJ) issued a final rule under Executive Order 14117, which established the Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of Concern...more
What's Changed? The U.S. Department of Justice (DOJ) published a Data Security Program (DSP), pursuant to a final rule (Final Rule), which became effective on April 8, 2025....more
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
The guide outlines the requirements of a newly implemented Data Security Program designed to prevent China, Russia and other foreign adversaries designated by the U.S. Department of Justice from accessing American’s sensitive...more
On April 22, FTC Commissioner Melissa Holyoak delivered the opening keynote at the IAPP Global Summit, where she emphasized the importance of vigorously enforcing privacy laws while warning against stretching the FTC’s...more
Hello, everyone. My name is Allan Medina. I am a partner in Goodwin’s Washington, DC, office, with a practice focus on government investigations. I’m here with Liza Craig, who is also a partner in the DC office. We are...more
Many “good government” initiatives continue to be enacted or implemented on Capitol Hill or in the Executive Branch — notwithstanding changes in political control. While working on Capitol Hill, the bulk of the legislative...more
On January 8, 2025, the U.S. Department of Justice (“DOJ”) issued its final rule to implement Executive Order 14117 aimed at preventing access to Americans' bulk sensitive personal data and government-related data by...more
In a Press Release issued April 11, 2025, the U.S. Department of Justice (“DOJ”) indicated that it would prioritize “facilitating compliance” over civil enforcement actions for the first 90 days of its new US-China data...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
In the ongoing saga of the 23andMe bankruptcy, Federal Trade Commission Chairman Andrew N. Ferguson recently sent a letter to the Trustee overseeing the 23andMe bankruptcy proceeding stating, “As Chairman of the Federal Trade...more
On April 8, the National Security Division of the U.S. Department of Justice’s (DOJ) new rule on cross-border data transfers takes effect. It restricts U.S. businesses from transferring certain bulk sensitive personal data to...more
In a critical revelation within the realm of digital privacy, a significant data breach was uncovered involving key players in the dating app industry. Approximately 1.5 million explicit images from users of BDSM People,...more
U.S. companies and organizations have entered a new era of sweeping restrictions on cross-border data transfers. The Department of Justice's (DOJ) Final Rule, "Preventing Access to U.S. Sensitive Personal Data and...more
In data breach litigation, courts generally find plaintiffs have standing such that their complaints may proceed past the pleading stage when it is alleged that sensitive information was impacted and there is an allegation of...more
On February 21, 2025, a federal district court judge from the Southern District of New York issued a preliminary injunction against the Department of Government Efficiency’s (DOGE), access to Treasury Department payment...more
The Department of Justice (DOJ) issued a final rule (the "Rule") on December 27, 2024, implementing Executive Order 14117 "Preventing Access to Americans' Bulk Sensitive Personal Data and United States Government-Related Data...more
The Department of Justice’s (DOJ) final rule implements President Biden’s Executive Order 14117 of February 28, 2024, on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
According to a highly critical article recently published by TechCrunch, the Department of Government Efficiency (DOGE), President Trump’s advisory board headed by Elon Musk, has “taken control of top federal departments and...more
The Department of Justice (“DOJ”) published its final regulations on “Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons” (the “Final Rule”). The Final...more
On January 8, 2025, the Department of Justice (DOJ) published in the Federal Register a Final Rule, "Preventing Access to U.S. Sensitive Personal Data and Government Related Data by Countries of Concern or Covered Persons,"...more
PowerSchool, a provider of software solutions for K-12 school systems, recently disclosed a cybersecurity incident that may have potentially exposed sensitive information of both students and school district employees....more
On January 8, 2025, the Department of Justice (“DOJ”) published its Final Rule to implement President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States...more