The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity – Part 1 — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
On September 24, 2024, the State Council released the Regulations on the Management of Network Data Security (《网络数据安全管理条例》) (“Regulations”). The Regulations focus on prominent issues related to Personal Information (PI),...more
We previously wrote about proposed changes to the definition of sensitive personal information under a June 2024 draft of the Guide for Sensitive Personal Information Identification (“Guide“). The Guide has now (September...more
As January 2025 privacy strategy planning ramps up this fall, our Privacy, Security, & Artificial Intelligence team has put together a planning alert for 2024–2025. In this installment, we review the following nine state...more
Actions in the last six months of the Brazilian National Data Protection Authority (“ANPD”) suggest that it intends to aggressively enforce the Brazilian Data Protection Law (“LGPD”). The LGPD applies to any entity that...more
The Israeli Privacy Protection Authority recently published a binding directive addressing the board of director’s responsibilities for the fulfillment of a company’s obligations prescribed in the Privacy Protection...more
X Agrees to Stop Processing EU Data to Train its Grok AI - Ireland’s Data Protection Commission (“DPC”) recently filed an urgent High Court application against X (formerly Twitter) for using the personal data of European...more
On August 6th, the Dutch Data Protection Authority (DPA) issued guidance cautioning companies about the potential data protection risks associated with the use of Artificial Intelligence (AI)-powered chatbots....more
If you are a business operating in the Sunshine and/or Lonestar state, then this alert is for you. As discussed further below, Florida recently issued regulations, effective July 18, 2024, clarifying certain requirements set...more
Introduction - Data protection is being driven by rapid technological advances and the increasing digitalization of society. Data protection legislation in Portugal is aligned with European Union law, in particular with...more
Introduction - The Brazilian General Data Protection Law (“LGPD”), enacted in 2018 and enforced since 2020, serves as the cornerstone of the country's data protection framework. Its primary objective is to ensure the...more
In Argentina, data protection is governed by comprehensive legislation aimed at safeguarding individuals' personal data. Below you will find an outline of the key aspects including governing legislation, exploring their scope...more
In Part I of our alert about China’s new safe harbor rules, we discussed key developments between the draft Provisions on Regulating and Facilitating Cross-Border Data Flow (Chinese version only) and the Provisions on...more
Six months after the Cyberspace Administration of China (the CAC) sought public consultation on the draft Provisions on Regulating and Facilitating Cross-Border Data Flow (the Draft Provisions, Chinese version only), the...more
In a sweeping, coordinated effort across federal agencies, the US government has taken a giant leap forward to prevent access to data that could be exploited to the detriment of national security. On February 28, 2024,...more
The White House announced that President Biden will sign an executive order designed to protect sensitive data of U.S. persons from exploitation by identified countries of concern. This executive order is expected to be...more
The U.S. cybersecurity and data privacy law framework continues to evolve and expand rapidly. Here, we share a summary of the eight new state data privacy and security laws that will take effect in 2024 and 2025. Businesses...more
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill 332 (the "New Jersey Data Privacy Law") making New Jersey the thirteenth state to adopt comprehensive data privacy legislation. This signing...more
The Consumer Finance Protection Bureau (CFPB) on Oct. 19, 2023, proposed a new Personal Financial Data Rights rule (Proposal) through which it seeks to increase competition in the financial sector. The Proposal was developed...more
Texas, long lauded as one of the most “business-friendly” states, has passed a comprehensive privacy law that will bring new regulations to consumer personal data. The new Texas Data Privacy and Security Act (“TDPSA”), H.B....more
In August 2022, the Consumer Financial Protection Bureau (CFPB) published a circular confirming that, under certain circumstances, entities may “violate the prohibition on unfair acts or practices in the Consumer Financial...more
WHAT YOU NEED TO KNOW IN A MINUTE OR LESS - The collection and storage of sensitive data can not only invite the attention of government agencies, but also that of putative class action plaintiffs. Government inquiries,...more
On May 4, 2022, the Connecticut legislature passed S.B. 6 entitled the “Connecticut Data Privacy Act” (CDPA) with the bill now moving to Governor Ned Lamont’s desk for signature. Although Governor Lamont is generally expected...more
A recent SEC settlement shed light on data security and privacy concerns that public companies should keep in mind when drafting and filing periodic reports. The SEC settlement concerned a 2018 data breach at Pearson Plc that...more
Despite its antecedents in one of the most widely cited law review articles of all time from more than 130 years ago, modern United States privacy law is roughly twenty years old. Even though still in its relative infancy,...more
On March 2, 2021, Virginia enacted the Consumer Data Protection Act (“VCDPA”). The VCDPA will become effective January 1, 2023. The VCDPA shares its roots with the California Consumer Protection Act (“CCPA”) and the recently...more