Compliance Tip of the Day: Leveraging AI for Real-Time Third-Party Risk Management
Episode 365 -- Four Sanctions Cases Everyone Should Know
The Privacy Insider Podcast Episode 12: Compliance Is Good Business: Getting Beyond Fines with Tom Fox of Compliance Podcast Network
Bar Exam Toolbox Podcast Episode 296: Listen and Learn -- Third-Party Rights in Contracts (Part 1 - Rules)
Corporate Use of Third-Party Artificial Intelligence (AI) Tools
One Month to More Effective Written Standards: Day 17 – Policies for Third-Parties
Third Party Observation in Patent Prosecution in China
Consumer Finance Monitor Podcast Episode: Recent Federal and State Debt Collection Developments
Thobekile Cynthia Khumalo on Third Party Due Diligence
Protecting Trade Secrets When Facing Lawsuits or Alternative Dispute Resolution Procedures
Education Data Privacy and Security Laws: Best Practices for School Districts
Episode 162 -- Jessica Sanderson on How to Conduct a Remote Third Party Audit
VIDEO: Update on Third Party Workers’ Compensation Settlements in Pennsylvania
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
Subro Sense Podcast - Unpacking Product Claims Against Amazon
Business Succession Planning: Strategies for the Transition
E17: Carpenter Decision Builds Up Privacy from #SCOTUS
Day 17 of One Month to More Effective Continuous Improvement-Financial Health Monitoring
Day 6 of One Month to More Effective Continuous Improvement-Data Analytics and the Monitoring of Third Parties
FCPA COMPLIANCE REPORT-EPISODE 337, JAMES GELLERT ON ASSESSING 3RD PARTY FINANCIAL HEALTH FOR COMPLIANCE
If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer...more
On January 13, 2025, Texas Attorney General’s Office filed its first lawsuit enforcing the Texas Data Privacy and Security Act (“TDPSA”). The law went into effect on July 1, 2024. The complaint also states claims under Texas’...more
Many governments are grappling with the question of how to regulate artificial intelligence to ensure it is adopted safely and used responsibly without hampering innovation. Governments have generally indicated similar...more
Anyone who thought blockchain would keep their cryptocurrency transactions private from the IRS needs to think again. According to the First Circuit’s recent holding, cryptocurrency users do not have a Fourth Amendment...more
Website owners often struggle to design privacy policies that are not only comprehensive, but also comprehensible. The tension between these competing concerns was in sharp focus in a recent Ninth Circuit decision, Calhoun v....more
On June 7, 2024, the New York Legislature passed two bills to protect children online. The Stop Addictive Feeds Exploitation (SAFE) for Kids Act, S7694A, prohibits social media platforms from providing defined "addictive...more
The Federal Trade Commission (FTC) has assumed the authority to enforce unauthorized data disclosures under the Federal Trade Commission Act (FTC Act). During the past three weeks, the FTC has used this authority to go after...more
On February 1, 2024, the Federal Trade Commission (FTC) announced that it had reached a proposed settlement with that would require Blackbaud Inc. (“Blackbaud”) to delete personal data it does not need to retain and upgrade...more
On 22 December 2023, the EU published Regulation (EU) 2023/2854, the Data Act, in the Official Journal of the EU. The Data Act is a new regulation providing harmonised rules on access to data, switching cloud providers and...more
On September 11th, Gov. John Carney (D) signed the Delaware Personal Data Privacy Act into law. The Act will take effect January 1, 2025. With the DPDPA on the books, the number of states with comprehensive privacy laws...more
Oregon recently joined Vermont and California as the third state requiring data broker registration before collecting, selling, or licensing “brokered personal data.” Several types of entities are exempt from the law. These...more
The SEC continued its recent onslaught of proposed cybersecurity rules in mid-March with three new proposals covering a litany of entities, including investment advisers, broker-dealers, investment companies, clearing...more
The case of Popa v. Harriet Carter Gifts, Inc. “began with a quest for pet stairs.” Plaintiff Ashley Popa searched Harriet Carter Gifts’ website, added pet stairs to her cart, but never completed the purchase. During her...more
Israel’s Privacy Protection Authority (PPA) recently published its position on the duty to inform when collecting and using personal data. This is an important position, as it clarifies how to design the interface with the...more
Keypoint: Organizations subject to these laws will need to determine whether they are engaging in “sales,” which can be a complex and multifaceted analysis given the statutes’ varying definitions and exemptions....more
What does the U.K. Information Commissioner’s Office have to say about what it takes for adtech initiatives to be compliant with data protection? “There is an opportunity for market participants to move towards developing...more
The development of alternative techniques to “third-party” cookies cannot be done at the expense of the right of individuals to protect their personal data and privacy, according to France’s Commission Nationale de...more
In 2018, the California Consumer Privacy Act (“CCPA”), which provides for an expansive array of privacy rights and obligations, was enacted. At the time, it was reasonable to wonder whether California’s bold example would...more
Even in the absence of a cross-border transfer of personal data from the European Union to a third country, if you are using a vendor that has a U.S. parent company, get ready to implement supplementary measures, says the...more
Website operators are not permitted to use cookies and similar tracking technologies for analysis and marketing purposes without the informed consent of users, if this involves sharing personal data with third parties and...more
Spanish data protection authority Agencia Española de Protección de Datos (AEPD) has published helpful guidelines on the data protection aspects of using mobile apps intended to control access to places of business while the...more
A little more than six months ago, we addressed the challenges businesses faced in complying with CCPA when it came to their use of third-party adtech such as pixels, beacons and trackers. In line with the evolving nature of...more
On March 6, 2020, the State Administration of Market Regulation of the People’s Republic of China (PRC) and the Standardization Administration of the PRC published an updated version of the “Information security...more
In line with the recent wave of regulations governing the use of personal data, the Personal Information Protection Act of Japan restricts the provision of personal data to third parties, with a particular focus on the...more
On January 6, 2020, Andrew Smith, Director of the Federal Trade Commission (FTC) Bureau of Consumer Protection, announced three significant improvements to the FTC’s approach to data security enforcement cases....more