In 2020, California was the first mover in state comprehensive privacy law legislation, a distinction it held for approximately three years before other| Password Protected
Amazon’s recent announcement to invest at least $20 billion in cloud computing and AI data center campuses across Pennsylvania — a record‑breaking private| Password Protected
On May 20, 2025, the Senate cleared procedural obstacles to consider the GENIUS Act on the Senate floor. Originally introduced on Feb. 4, by Senator Bill| Password Protected
Many an unhappy modern tale arises when a cyber predator suggests to his victim that they transition their dealings from the virtual world to a meeting “IRL” – “in real life.” But the perils that arise when the internet meets the “real world” are not limited to vulnerable individuals: advances in technology, coupled with the ingenuity of malefactors, create the real risk that acts taking place wholly within cyberspace can have substantial impacts “in real life” – in th...| Password Protected
On June 3, 2025, the California Senate unanimously voted to amend the California Invasion of Privacy Act (“CIPA”) to exclude cookies and other commonly| Password Protected
In a recent decision, the U.S. District Court for the Northern District of California has construed the private right of action provision under the| Password Protected
On March 7, 2025, the California Privacy Protection Agency (“CPPA”), which is tasked with enforcing the California Consumer Privacy Act (“CCPA”) entered a Stipulated Final Order (“Order”) with American Honda Motor Co., Inc. (“Honda”), fining Honda $632,500. This Order is instructive as to CPPA’s views on various topics covered by the CCPA. Among other things,... Continue Reading| Password Protected
On January 10, 2025, in the waning days of the Biden Administration, the Consumer Financial Protection Bureau issued a Request for Information Regarding the Collection, Use, and Monetization of Consumer Payment and Other Personal Financial Data. The Request signals the Bureau’s strong concern with the ways financial institutions, and particularly new financial tools like widespread... Continue Reading| Password Protected
The Federal Communications Commission (FCC) announced on Jan. 24, 2025, that its highly anticipated one-to-one consent rule was postponed by at least one year. This is big news for companies that were gearing up for the implementation of the rule, which would have significantly altered the requirements for obtaining consent to place calls or text... Continue Reading| Password Protected
In response to increased cybersecurity threats and significant regulatory enforcement actions, on Dec. 27, 2024, the Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking seeking to enhance cybersecurity protections under the Security Rule implemented pursuant to the Health Insurance Portability and Accountability Act of 1996. While the proposed rule is... Continue Reading| Password Protected
As public companies’ reliance on remote work, cloud computing and digital payments increases, so too does the cybersecurity risk. Recognizing this, the SEC finalized rules and regulations in September 2023 requiring new cybersecurity-related disclosures from public companies. In prior efforts to improve consistency and accuracy of public company cybersecurity risk disclosures, the SEC issued interpretive... Continue Reading| Password Protected
On Oct. 22, 2024, the Securities and Exchange Commission (SEC) announced settled charges against four current and former public companies, Unisys, Avaya| Password Protected
A study by the International Association of Privacy Professionals has found that 28,000 data protection officers (DPO) will be needed in the next two| Password Protected
On Feb. 6, 2024, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced a $4.75 million settlement with New York non-profit health system Montefiore Medical Center over alleged malicious insider conduct that caused potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This settlement follows two other recent investigations that led to OCR’s first-ever settlements stemming from ransomware and phishing...| Password Protected
