The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
The Italian Data Protection Authority has adopted an updated version of a guideline document on email retention that it originally issued in December 2023, but which had been suspended....more
In 1999, computer scientist Kevin Ashton coined the term “the Internet of Things” (“IoT”) in order to put a name to his idea of using RFID chips to track items as they moved throughout a supply chain. “Though there is no...more
The FTC is proposing significant changes to the Children’s Online Privacy Protection Act (COPPA) rule to place new restrictions on the use and disclosure of children’s personal information. The COPPA Rule requires websites...more
Effective November 1, 2023, the New York Department of Financial Services issued its second amended Cybersecurity Regulation (the “Regulation,” 23 NYCRR Part 500). The amendment follows extensive public comments, some of...more
Join Troutman Pepper Partner Chris Willis as he discusses the New York Department of Financial Services’ (NYDFS) latest updates to its cybersecurity regulations with Troutman Pepper Privacy + Cyber Partner Kim Phan. With data...more
Editor’s note: This post was originally published in October 2020 and has been updated for accuracy and comprehensiveness. They say more is better. And that’s true in many cases, but not when we’re talking about a stockpile...more
Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more
Licensees of the New York Department of Financial Services (“DFS”) should be tracking the proposed amendments to the DFS Cybersecurity Regulation. All covered entities under the Regulation will need to revisit their...more
The New York Department of Financial Services (“DFS”) released their proposed second amendment to the Cybersecurity Regulation, 23 NYCRR Part 500 (“Proposed Second Amendment”) on October 9, 2022....more
When it comes to ensuring enterprise data is safe, understanding recent rulings from different regulatory bodies and how they affect your organization is a vital first step, followed by reasonable measures to further...more
On June 3, 2022, Senator Wicker (R-Miss.), Ranking Member of the Senate Commerce Committee, and Representatives Pallone (D-N.J.) and Rodgers (R-Wash.), Chairman and Ranking Member of the House Energy and Commerce Committee,...more
Efforts to secure systems and data from a cyberattack often focus on measures such as multifactor authentication (MFA), endpoint monitoring solutions, antivirus protections, and role-based access management controls, and for...more
Companies and consumers alike are under perpetual assault from bad actors as IoT, work from home, and cloud migration – all intended to improve productivity – have expanded the cyber attack surface. The continually evolving...more
Welcome to the latest edition of Updata - the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
On 19 February 2021, CNIL released guidance on the use of chatbots in compliance with data protection law (the Guidelines). The CNIL notes that in order to operate the chatbots, controllers will often need to process personal...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
This is the time of the year in which we look back to what has happened during the last 12 months and try to get ready for what is to come. This can be done in many ways, although one of the most common practices is to rely...more
The Situation: On October 6, 2020, the Court of Justice of the European Union ("CJEU") held that the national security laws of the United Kingdom, France, and Belgium, which each require that providers of electronic...more
As technology plays an increasing role in our society, organizations should ensure they are aware of the contractual, privacy and risk mitigation best practices associated with emerging technologies. Below are five key...more
Every organization needs to develop an effective data retention policy to gain visibility and control over its information. But given the increasing complexity of today’s data systems and the constantly evolving regulatory...more
As more organizations find themselves under scrutiny for the way they collect and use consumer data, maintaining CCPA compliance has never been more important. CCPA has been introduced to give control back to consumers,...more
It’s tough complying with data privacy laws. You spend gazillions of dollars complying with GDPR, and then you have to spend a bunch more in response to the California Consumer Privacy Act (CCPA). Job done, right? Not...more
United States Senator Jerry Moran (R. Kan.), Chairman of Commerce Subcommittee on Consumer Protection, has introduced legislation, Senate Bill 3456, to establish a national standard for protecting consumer data and personal...more
On January 30, Rep. Kathy Castor (D-FL) introduced H.R. 5703, the Protecting the Information of our Vulnerable Children and Youth Act (Kids PRIVCY Act) that would expand requirements under the Children’s Online Privacy...more
The words “hodgepodge” and “patchwork” are overused in the world of risk and compliance, but they’re certainly appropriate for describing the myriad data privacy regulations popping up around the world. In 2018, the world...more