Legal AI in Practice: Firm Governance, Build vs. Buy Decisions, and Vendor Due Diligence — The Good Bot Podcast
Point-of-Sale Finance Series: Understanding State Licensing for Nonbank Providers — The Consumer Finance Podcast
(Podcast) The Briefing - Studios Beware: The Danger of the Beauty and the Beast Copyright Decision
Innovation in Compliance: Brad Stevens: Part 1 - Transforming Outsource Perceptions
Podcast — EU Data Act: Spotlight on Switching Requirements for Data Processing Services
Compliance into the Weeds: Fracht - The Bonkers Sanctions Case
DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
Property and casualty insurers manage high volumes of regulated, document-driven communications, including policies, endorsements, billing statements, and legally required notices, that must be produced and delivered...more
Cyber law and practice have continued to evolve over the past 12 months. New laws and regulations have been unveiled or come into force, while enforcement authorities have sharpened their focus on issues including board...more
Here are the five primary risk areas when a company uses AI in a supportive or assistance-based role as opposed to an algorithmic-based use case....more
From my perspective, hopefully a reasonable one, there is a little too much AI-Risk Hype. Not to belittle the experts or ignore potential risk concerns but this is getting a little carried away....more
The National Institute of Standards and Technology (NIST) recently released their initial preliminary draft of NIST IR 8596, also known as the Cybersecurity Framework Profile for Artificial Intelligence. This new...more
WHAT: The FedRAMP Program Management Office (PMO) has released a “final set” of proposed changes to the FedRAMP process for authorizing and assessing the security of cloud services for federal consumption. The final proposed...more
We know that California has a lot of privacy laws, but the Shine the Light law is one of the oldest in the state, and it still catches businesses off guard because it is not about cookies or ad tech. It’s about who you share...more
The National Association of Insurance Commissioners’ (NAIC) Third-Party Data and Models (H) Working Group issued a preview of its breakout single: a proposed risk-based regulatory framework for third-party data and model...more
Cloud computing has been sold as elastic, on-demand access to virtually unlimited resources. However, the rapid growth of data-intensive and artificial intelligence–driven workloads has strained the availability of certain...more
Ransomware attacks continue to evolve in sophistication, disrupting operations and commanding the urgent attention of regulators, law enforcement and government agencies....more
The New York Department of Financial Services (“NYDFS”) implemented the final phases of amendments to its NYDFS Cybersecurity Regulation (23 NYCRR Part 500) in May and November....more
With the news that over 70% of S&P 500 companies provide some sort of AI-related risk factors in their SEC disclosures, it’s a good time to review the type of risk factors that you might want to consider – of course,...more
Procurement teams going to market for transportation and logistics services often seek a wide range of functional expertise across multiple jurisdictions. One essential question for service providers when developing or...more
While 2025 may have brought questions about the level of enforcement we would see from federal regulators, there was no question that state regulators would continue to be active, especially in the financial privacy space....more
Each year, there is a holiday surge in cyberattacks employing a wide range of attack vectors. This heightened activity can make organizations more vulnerable to legal and regulatory scrutiny. This is a good time to check your...more
As our readership is aware, the Application-to-Person (“A2P”) 10-digit long code (“10DLC”) ecosystem continues to evolve as mobile carriers refine their requirements for The Campaign Registry (“TCR”). The year 2025 saw a...more
The Financial Industry Regulatory Authority’s (FINRA) 2026 Annual Regulatory Oversight Report is the most current and comprehensive statement of FINRA’s priorities and expectations for member firms. It does not create new...more
The Morrison Foerster Data, Cyber + Privacy team provides creative, practical advice across every stage of the information lifecycle, from navigating complex privacy laws and managing breach response to litigating data...more
The almost daily prevalence of cyber-attacks has brought the issue of cybersecurity as a core governance responsibility to the front of mind of company boards. In 2024 alone, over 15 million cyberattacks were recorded...more
Asset managers generally have fiduciary duties to their clients, including the duty of care and the duty of loyalty. These duties require, among other things, appropriate diligence in selecting, engaging and overseeing AI...more
There is a particular type of sales pitch that shows up in inboxes when a market matures. One that promises growth without friction, national reach without regulatory headaches, and new customers without any need to rethink...more
Le 5 novembre 2025, Affaires mondiales Canada a publié l’Avis aux exportateurs no 1159 (les « lignes directrices »), qui précise les situations où l’utilisation des services infonuagiques constitue une exportation de...more
The truth is that a solid background screening program is really a compliance program in a friendlier outfit. Every disclosure, every consent, every adjudication note, every pause for adverse action, every state requirement...more
On November 17, the SEC’s Division of Examinations published its 2026 examination priorities, outlining key areas of regulatory focus for the upcoming year. ...more
On 4 December 2025, ASIC published Report 827, Insights from the ASIC Whistleblower Questionnaire: July 2024 to June 2025 (Report). The Report sets out the findings of a questionnaire conducted by ASIC into the whistleblowing...more