Legal AI in Practice: Firm Governance, Build vs. Buy Decisions, and Vendor Due Diligence — The Good Bot Podcast
Point-of-Sale Finance Series: Understanding State Licensing for Nonbank Providers — The Consumer Finance Podcast
(Podcast) The Briefing - Studios Beware: The Danger of the Beauty and the Beast Copyright Decision
Innovation in Compliance: Brad Stevens: Part 1 - Transforming Outsource Perceptions
Podcast — EU Data Act: Spotlight on Switching Requirements for Data Processing Services
Compliance into the Weeds: Fracht - The Bonkers Sanctions Case
DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
Key point: In this post: (1) increase in ECPA litigation as courts extend “crime tort” exception beyond health care; (2) service provider wins again against wiretapping claim; (3) defendants lose standing arguments in federal...more
Today I left the house again. I thought my life would be simple, maybe settle into a spreadsheet and hang out for a while. Instead, I’m a frequent flyer in every modern organization. I have more passport stamps than a travel...more
Cybersecurity and data privacy provisions should be a central consideration whenever parties negotiate contracts involving third‑party service providers who will access or process business data. This applies across a broad...more
On November 17, 2025, Ontario’s Information and Privacy Commissioner (ON IPC) and Alberta’s Office of the Information and Privacy Commissioner (AB OIPC) each released their findings from their investigations into a...more
Here are the five primary risk areas when a company uses AI in a supportive or assistance-based role as opposed to an algorithmic-based use case....more
From my perspective, hopefully a reasonable one, there is a little too much AI-Risk Hype. Not to belittle the experts or ignore potential risk concerns but this is getting a little carried away....more
Businesses across many industries are racing to capture the value of artificial intelligence (AI) notetakers and meeting recording tools. The promise is obvious: faster follow‑ups, searchable records, and fewer dropped...more
Recently, the NCUA published a list of resources aimed toward guiding credit unions implementing AI or partnering with AI third-party vendors. The publication noted that while AI presented significant opportunities for...more
As we have discussed in prior posts, AI-enabled smart glasses are rapidly evolving from niche wearables into powerful tools with broad workplace appeal — but their innovative capabilities bring equally significant legal and...more
Artificial intelligence has quickly shifted from an innovative experiment to a core operational tool across industries. As business teams explore new AI service providers—ranging from automated analytics engines to...more
With the news that over 70% of S&P 500 companies provide some sort of AI-related risk factors in their SEC disclosures, it’s a good time to review the type of risk factors that you might want to consider – of course,...more
Update (Jan. 2026): In April 2025, REGucation published a post analyzing the Nevada Supreme Court’s initial decision in Clark County School Dist. v. Eighth Jud. Dist. Ct. in & for Cnty. of Clark, 564 P.3d 863 (2025). The...more
On December 22, the National Credit Union Administration (NCUA) updated its Artificial Intelligence (AI) resource page to consolidate key technical and policy references for federally insured credit unions. The page sits...more
Effective January 1, 2026, Equifax increased the cost of employment verifications completed through The Work Number. The new pricing is set by Equifax, not by screening vendors....more
Financial regulators including the Securities and Exchange Commission (“SEC”) continued to focus on data protection and cybersecurity issues throughout 2025....more
700Credit, a Michigan-based company that runs credit checks and identification verification services for automobile dealerships nationwide, has announced that an “integrated partner” was compromised, allowing a bad actor to...more
Companies operating websites accessible to California residents (essentially all websites) should anticipate continued, and most likely increased, actual and threatened litigation under the California Invasion of Privacy Act...more
The Morrison Foerster Data, Cyber + Privacy team provides creative, practical advice across every stage of the information lifecycle, from navigating complex privacy laws and managing breach response to litigating data...more
The SEC's 2024 amendments to Regulation S-P introduce the most comprehensive update to federal privacy and data security standards for SEC-regulated institutions since the rule was adopted. While the amendments are directed...more
Asset managers generally have fiduciary duties to their clients, including the duty of care and the duty of loyalty. These duties require, among other things, appropriate diligence in selecting, engaging and overseeing AI...more
Selected U.S. Privacy & Cyber Updates - SEC Dismisses Remaining Claims Against SolarWinds - On November 20, 2025, the Securities and Exchange Commission (SEC) dismissed its landmark enforcement action against SolarWinds Corp....more
On November 17, the SEC’s Division of Examinations published its 2026 examination priorities, outlining key areas of regulatory focus for the upcoming year. ...more
Over the last several years, plaintiffs’ attorneys and other individuals have used antiquated wiretapping laws, including California’s 1967 wiretapping act, to allege that businesses with websites utilizing third parties and...more
Businesses may be feeling a bit of whiplash from a recent federal court ruling on California’s wiretapping law and should be on alert for whether their website tracking technology could be used to file a viable lawsuit. On...more
Claimants are reviving a 1960s-era wiretapping law to challenge common website tracking tools – including pixels, session replay, chat widgets, and more. Data privacy and compliance professionals navigate an increasing number...more