Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Colorado AI Act — The Good Bot Podcast
AGG Talks: Women in Tech Law Podcast - Episode 5: How the Tech Industry Can Monitor Regulatory Changes Under the Trump Administration
2025 Privacy Law Preview: Be Prepared
A Brief Overview of Colorado’s Recently Enacted AI Law
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
State AG Pulse | Never Say Never to Federal Privacy Legislation
Navigating State Privacy Laws
Are You Ready to Comply With New State Data Privacy Laws?
PODCAST: Williams Mullen's Trending Now: An IP Podcast - U.S. State Data Privacy Update
Episode 293 -- Catching Up with California and Other State Privacy Laws
Podcast - Artificial Intelligence in Healthcare and How to Comply with HIPAA & State Privacy Laws
Data Privacy Unlocked, A Conversation with Texas Representative Giovanni Capriglione
March Monthly Minute | Preparing for U.S. State Privacy Laws in 2023
Webinar Recording – The Colorado Privacy Act and Draft Rules
#WorkforceWednesday: California Privacy Exemptions Set to Expire, Status of DOL Independent Contractor Rule, D.C. Non-Compete Notices Take Effect - Employment Law This Week®
Webinar Recording – Preparing for Compliance with the California Privacy Rights Act (CPRA)
[Podcast] An Introduction to the California Age-Appropriate Design Code
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
On April 21, 2025, the Oregon Department of Justice’s Privacy Unit reported a “big spike” in complaints about the Department of Government Efficiency (DOGE) in the first quarter of 2025....more
On April 7, 2025, Arkansas passed the Arkansas Children and Teens’ Online Privacy Protection Act (HB 1717) - a state law modeled closely after the federal Children and Teens’ Online Privacy Protection Act (widely referred to...more
On April 21, 2025, Arkansas Governor Sarah Huckabee Sanders signed into law the Arkansas Children and Teens’ Online Privacy Protection Act (Act), which will become effective on July 1, 2026. It draws inspiration from the...more
As cybersecurity attacks continue to rise, the Oklahoma Legislature is taking efforts to update old laws regarding notification of security breaches. On January 14, 2025, Sen. Brent Howard and Rep. John Pfeiffer...more
A Durham County class action asks whether “My Chart,” a widely used portal that medical providers use to communicate with patients about test results, conditions, and treatments should more aptly be labeled “Our Chart.”...more
Topics that we often discuss on this blog are the use of third-party tracking tools and the California Invasion of Privacy Act (“CIPA”). Less discussed of late, however, is the California Consumer Privacy Act (“CCPA”) which,...more
While March featured a flurry of newly introduced comprehensive privacy bills, state legislatures now appear to be primarily focused on pushing existing proposals through the chambers. ...more
As noted in our last two client alerts, the issue as to who should be the watchdog to protect consumer personal data is coming to a head in the chapter 11 bankruptcy cases of 23andMe Holding Co and its affiliated debtors...more
23andMe, a pioneer in the DNA testing kit industry, announced that it has filed for Chapter 11 bankruptcy protection and recently asked to select an independent customer data representative regarding any sale of user data....more
On March 27, 2025, a class action lawsuit was filed against the education technology (EdTech) company Instructure, the parent company of Canvas, a popular learning management system. The complaint alleges that Instructure...more
Late in February, the California Privacy Protection Agency (CPPA) ordered the shutdown of Background Alert under the state’s Data Broker Registration Law. Background Alert aggregated public records to create detailed profiles...more
Our readers may recall a prior piece in which we discussed a New Jersey federal district court (“District Court”) decision denying constitutionality-related challenges to a New Jersey privacy law known as Daniel’s Law. Below,...more
With attention on Democratic Attorneys General vowing to fill the void left by weakened federal regulators, and perhaps a more partisan divide on enforcement generally, a bipartisan consensus is quietly emerging in the states...more
Starting April 3, Ohio hospitals will have to navigate new requirements under House Bill 173. This law mandates greater transparency in healthcare pricing. It also includes rules for selling or targeted advertising related to...more
On February 26 2025, the California Privacy Protection Agency (CPPA) published its first annual report for 2024 (Report). The Report highlights that the CPPA recovered more than USD170,000 of administrative fines for data...more
On March 6, the California Privacy Protection Agency (CPPA) proposed amendments to the data broker registration regulations pursuant to the California Delete Act that would introduce new definitions and requirements for data...more
On February 14, 2025, New York’s Governor Hochul signed into law A.B. 920, which amended the state’s Information Security Breach and Notification Act to add personal health information to the types of data that constitute...more
On March 12, 2025, the California Privacy Protection Agency (Agency) announced its first non-data broker enforcement action requiring a vehicle manufacturer to pay an administrative fine of $632,500 in connection with the...more
Last week, the Board of the Enforcement Division of the California Privacy Protection Agency (Agency) approved a settlement with California-based data broker Background Alert, Inc., requiring Background Alert to cease its...more
Keypoint: In this post: (1) How a privacy policy can defeat a plaintiff’s “delayed discovery” argument; (2) Two CA state courts reject plaintiffs’ allegations concerning personal jurisdiction; (3) Three courts dismiss PR/TT...more
Businesses that sell data regarding California residents have been put on notice by the California Privacy Protection Agency’s (the CPPA’s) recent aggressive enforcement of the California Delete Act. On October 30, 2024, the...more
In recent months, the California Privacy Protection Agency (CPPA) has stepped firmly into a role as the nation’s leading data broker regulatory and enforcement agency....more
AT A GLANCE - As the digital world becomes an integral part of children's lives, state legislatures are placing greater emphasis on regulating how companies handle children’s personal information. This Legal Update...more
According to one survey, Florida is fourth on the list of states with the most reported data breaches. No doubt, data breaches continue to be a significant risk for all business, large and small, across the U.S., including...more