Podcast - Decoding the Future of AI Regulation and Frontier Models
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Podcast - Robots, Rights and New Tech: Balancing Innovation and Data Privacy
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 211: Cybersecurity and Privacy Risks for the Healthcare Industry with Brandon Robinson of Maynard Nexsen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity – Part 1 — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
The New York Attorney General’s Office recently settled with Albany ENT & Allergy Services over claims that the healthcare provider failed to protect over 200,000 consumers’ private health information. The claims stem from...more
Pennsylvania AG Michelle Henry announced the launch of an online portal to report data breaches ahead of the effective date of recent amendments to Pennsylvania’s Breach of Personal Information Notification Act (BPINA)....more
A biotech company recently settled with three AGs over allegations that it had failed to protect consumer information. According to the AGs of Connecticut, New York and New Jersey, this led to a 2023 data incident. The...more
On May 8, 2024, Paul Hastings Hosted the Cybersecurity Law Workshop at this spring’s Privacy + Security Forum with a panel on perspectives from cybersecurity regulators. The panel was moderated by Paul Hastings Global Chair...more
On February 1, 2024, the Connecticut Office of the Attorney General (the “OAG”) issued a report mandated by the Connecticut Data Privacy Act (the “CTDPA”), Conn. Gen. Stat. § 42-515 et seq. (the “Report”), which Report is...more
The evolving use of artificial intelligence (AI) across different industries has thrust states into a difficult and rapidly developing regulatory arena. State Attorneys General have and will continue to play an essential role...more
On February 1, 2024, the Connecticut Office of the Attorney General (“OAG”) issued a Report to the General Assembly’s General Law Committee (“Report”), summarizing the OAG’s enforcement efforts during six months since the...more
It is indeed a tangled regulatory web woven to potentially trap an organization in the wake of a data incident. Navigating this web can involve significant resources, time, and stress. As we discussed in part two of this...more
A data breach that exposed sensitive data collected in genetic testing that could potentially be used to target vulnerable populations has attracted the attention of Connecticut AG William Tong. In Episode 9, Chris Allen and...more
In yet another example of its focus on imposing greater data security accountability, the New York Attorney General (“NYAG”) recently announced a significant settlement with Marymount Manhattan College (“the College”). The...more
On October 17, 52 state and territorial attorneys general, in addition to state money transmission regulators, entered into settlements amounting to more than $20 million with ACI Worldwide (ACI), to resolve claims involving...more
Texas recently amended its breach notification statute to shorten the time businesses have to notify the state Attorney General after a data breach affecting 250 or more Texas residents. As of September 1, businesses must...more
This summer has been hot all around, but perhaps the hottest topic on the minds of state attorneys general (AGs) continues to be artificial intelligence (AI). As we recently heard from Colorado Attorney General Phil Weiser,...more
The AGs of Oregon, New Jersey, Florida, and Pennsylvania settled with EyeMed Vision Care LLC to resolve allegations that the company violated state consumer protection and personal information protection laws, as well as the...more
On April 19, 2023, the New York Attorney General (AG) published “Protecting Consumer’s Personal Information: Tips for Businesses to Keep Data Safe and Secure,” outlining data security best practices based on the AG’s...more
Drawing from her experience investigating and prosecuting businesses in the aftermath of cybersecurity breaches, New York Attorney General Letitia James released a guide to help companies implement effective data security...more
New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal and health information of clients exposing the...more
On February 16, 2023, the Attorneys General of Ohio and Pennsylvania announced a settlement with Ohio-based DNA Diagnostics Center (“DDC”) for a 2021 data breach which involved 2.1 million residents nationwide, including the...more
The FTC finalized an order with Chegg, Inc. regarding alleged poor data security practices that lead to at least four separate data breaches at the education technology company in which users’ and employees’ personal...more
The New York and Pennsylvania AGs settlement with Herff Jones from late last year provides guidance to businesses about expected security measures as we enter into 2023. The case arose after Herff Jones, producer and seller...more
New York’s Attorney General Letitia James recently secured a $1.9 million settlement from online retailer Zoetop Business Company, Ltd. to settle allegations that Zoetop had improperly handled a 2018 data breach and...more
October was a busy month in New York for cybersecurity enforcement. In addition to a $4.5 million settlement between the New York Department of Financial Services and EyeMed Vision Care (discussed in a forthcoming blog post),...more
New York AG Letitia James secured a $1.9 million settlement with online fashion retailer Zoetop Business Company, Ltd. – which owns and operates popular e-commerce brands SHEIN and ROMWE – and SHEIN Distribution Corporation...more
Government agencies at the state and federal levels are increasingly training their sights on the cybersecurity resiliency of companies in an array of industries. The US Securities and Exchange Commission has proposed rules...more
State Attorneys General settle with Wawa, Inc. for 2019 data breach that compromised approximately 34 million payment cards used by consumers. On July 26, 2022, Acting New Jersey Attorney General Matthew J. Platkin...more