On March 4, 2025, Amanda Witt of Kilpatrick, Ami Rodrigues of Under Armour, and Christina McCoy of Innova Solutions presented on how to build an AI governance program at the Privacy & Technology Law Forum (PTLF) for the State...more
With the passing of the first major compliance deadline of the EU AI Act on February 2, 2025, EU regulators have officially banned certain high-risk AI applications. Companies that develop or deploy AI systems must now...more
Starting January 2025, five state privacy laws will take effect, providing consumer privacy rights to a new swath of individuals across the country. Delaware, Iowa, Nebraska, and New Hampshire’s laws will go into effect on...more
As regulators worldwide continue to scrutinize the impact of AI on industries within their respective purviews, two key global agencies issued guidance in October 2024 that highlighted AI-based cybersecurity risks and best...more
10/30/2024
/ Artificial Intelligence ,
Banking Sector ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Financial Institutions ,
Financial Services Industry ,
Machine Learning ,
NYDFS ,
Risk Assessment ,
Risk Management
Use of California’s Auto Renewal Law as a predicate for UCL, FAL or CLRA claims has been a hotbed of consumer class action litigation. Now, the FTC has added a federal arrow to the consumer protection quiver by expanding its...more
As state-level privacy laws continue to expand in the absence of federal legislation, businesses must prepare to meet a growing patchwork of requirements or risk penalties and reputational harm. In 2025, eight additional...more
For companies who offer recurring subscriptions, it is important for them to understand the Federal Trade Commission’s recently finalized rule applicable to negative option marketing that requires such companies to make the...more
On May 16, 2024, the Illinois Legislature passed Senate Bill 2979 (SB2979), clarifying how damages are calculated under the Illinois Biometric Information Privacy Act (BIPA). 740 ILCS 14/1, et seq. This amendment confirms...more
On May 16, 2024, the Illinois Legislature passed Senate Bill 2979 (SB2979), marking a significant amendment to how damages are calculated under the Illinois Biometric Information Privacy Act (BIPA). This amendment refines the...more
In an era where children are increasingly immersed in the digital realm, concerns about their safety and privacy online have become a focal point for policymakers (even on both sides of the aisle) and parents alike. Several...more
The United States privacy landscape becomes more cluttered by the week. While most of the legal media is focusing on federal legislation coming out of Washington, the most significant privacy development in the United States...more
This year is proving to be just as an important year for privacy professionals as 2023. In our third installment of what privacy pros should know, we provide you with some highlights about the following important developments...more
In an era where digital privacy is increasingly under threat, the recent deepfake incident involving the globally renowned artist, Taylor Swift, has catapulted the issue of nonconsensual pornography to center stage. This...more
For the past several years, website owners that gather data from California residents have faced a surge in class action lawsuits and threatened lawsuits alleging violations of the California Invasion of Privacy Act (CIPA)....more
Class-action lawyers are adapting their legal tactics, moving away from suing companies under California's wiretap law and instead focusing on a new legal claim: the pen register theory....more
The California Privacy Protection Agency (the “Agency”) may start enforcing privacy regulations according to a recent decision from the California Third District Court of Appeal. The privacy regulations at issue stem from the...more
You may be feeling overwhelmed with the thought of having to comply with yet another state privacy law. However, New Jersey’s privacy bill is chock-full of significant exemptions that may ease your organization’s compliance...more
The Colorado Department of Law has published its Universal Opt-Out Shortlist under the Colorado Privacy Act (“CPA”). This is eagerly awaited guidance for organizations who are subject to the CPA as the guidance provides...more
On December 19, 2023, Rite Aid Corporation (Rite Aid) agreed to settle Federal Trade Commission (FTC) charges that it failed to take reasonable measures to prevent harm to consumers from its use of facial recognition...more
On December 8, 2023, the EU announced that Parliament and Council negotiators “had reached a provisional agreement on the Artificial Intelligence Act.” Negotiators had been under pressure to resolve differences to maintain...more
Given the increasing number of data privacy laws in the U.S., entering into appropriate data processing agreements (“DPAs”) with vendors has now become a critical component of vendor management. It can also be one of the most...more
The pace of privacy developments in 2023 has been breathtaking. Since our recent alert regarding Iowa’s comprehensive data privacy law and Colorado’s finalized rules, there have been a number of key developments in data...more
Background: The pandemic era ushered in exponential growth in the use of remote capabilities for all areas of life, with one of the most critical being the rise in telemedicine. Along with that expansion came an explosion in...more
Since 2021, the administrative code of the City of New York requires commercial establishments in New York City to post conspicuous signs by their entrances if these businesses are collecting customers’ biometric information...more
On March 28, 2023, Iowa became the sixth state to enact a comprehensive consumer privacy law. If the thought of having to comply with yet another state privacy law is causing a sense of panic, fret not. Iowa’s bill is largely...more