All Data Privacy articles
-
OpinionNavigating APAC data privacy laws: A compliance roadmap
Fragmented regulations across the APAC region are forcing compliance teams to rethink strategies that worked under GDPR.
-
ArticleDisney pays $2.75M to California for alleged privacy violations
Disney has agreed to pay $2.75 million to settle allegations by California that its streaming service sold the personal information of subscribers without their permission.
-
ArticleFTC warns brokers to stop selling U.S. military member data to foreign adversaries
Thirteen data brokers have been warned by the Federal Trade Commission to come into compliance with a 2024 law prohibiting the selling of the personal data of U.S. residents to foreign adversaries.
-
OpinionSafely leveraging generative AI: A practical guide for compliance leaders
Generative AI (GenAI) has moved rapidly from experimentation into day-to-day use across many organizations. Over the past year, teams have shifted from exploratory pilots to relying on these tools for core activities such as contract analysis, research, and software development.
-
News BriefFTC puts GM’s puts connected vehicle data practices under compliance spotlight
The U.S. Federal Trade Commission finalized its order against General Motors and its OnStar subsidiary over the improper usage of geolocation and driving behavior data of drivers.
-
PremiumEU moves to simplify GDPR and AI Act obligations, raising compliance questions for companies
For the past decade, Europe has led in creating strong but flexible rules for data use and safe AI development. The EU’s new plans to simplify key data privacy and AI governance measures have received a mixed response.
-
OpinionHow to make the business case to upgrade records management systems
Companies are giving their records management programs a makeover, and not for the reasons you may think. What used to be a sleepy back-office legal department function is now front and center, often driven by compliance teams. Organizations are discovering that a “save everything, forever” de facto policy doesn’t ...
-
PremiumU.K. data regulator pushes transparency on investigations
Plans to increase transparency around how the U.K.’s Information Commissioner investigates and fines companies should give businesses more clarity, but experts say the regulator still needs to explain how it will prioritize cases.
-
ArticleCompany agrees to report to FTC for 10 years for alleged student data lapses
A tech company that stores student information for schools has agreed to implement a data security program and report to the Federal Trade Commission for 10 years, after security failures led to data for 10 million students being breached.
-
ArticleCalifornia may create whistleblower program to root out privacy law violations
A California privacy agency plans to seek a whistleblower law, to encourage corporate employees and others to step forward with complaints about egregious privacy violations at their workplaces.
-
ArticleComplying with the EU Data Act – What companies should know
Companies could face significant compliance challenges in trying to meet new EU legal requirements about how companies share data with third parties.
-
PremiumNew EU Data Act may impact companies’ GDPR compliance efforts
New rules that have recently come into effect across the EU will allow for greater transfers of data between companies, though experts fear the changes could conflict with Europe’s strict privacy legislation, which protects personal information.
-
ArticleNine states collaborating on data privacy enforcement across state lines
Nine states are collaborating to write and enforce comprehensive data privacy laws, in an effort to protect consumers across jurisdictions and due to the absence of a broad, federal privacy law.
-
ArticleExtra-territorial rules: How to navigate global compliance complexity
Sanctions, tariffs, economic crime, big tech, data privacy, and environmental laws are expanding global compliance risks. Tougher penalties now reach deep into supply chains, making even small suppliers accountable to customers or regulators.
-
ArticleTractor Supply Company hit with $1.35M fine for alleged California privacy violations
Tractor Supply Company has agreed to get into compliance with California’s consumer privacy law and to pay a $1.35 million fine—the largest yet by California—to settle allegations it violated the privacy rights of customers and job applicants.
-
PremiumStudy: Compliance managers must set rules in race to adopt AI agents and copilots
More than half of all compliance teams are “actively using” or “piloting” AI applications, according to a Moody’s report. While most are focusing on streamlining routine tasks, some are developing AI agents and asking vital questions about AI decision-making.
-
ArticleGoogle hit with $425.6 million verdict in California privacy case
Google allegedly collected personal data from mobile devices without permission, violating California privacy laws, a jury ruled in awarding more than $425.6 million to class-action plaintiffs.
-
ArticleDigital wallets should speed up compliance, but companies must focus on trust and security
The EU has one, the U.K. is getting one, many U.S. states are working with Google and Apple to provide one, and now industry sectors are developing their own digital wallet.
-
ArticleCalifornia privacy regulator unveils new cyber, risk, and automation rules
Businesses operating in California will need to meet new, first-in-the-nation privacy requirements for cybersecurity, risk assessments, and automated decision-making technology, under a large expansion of rules by the state.
-
ArticleKentucky is latest state to file suit against Temu for alleged privacy violations
Kentucky took aim at Chinese company Temu, alleging in a lawsuit that it counterfeited popular Kentucky-designed merchandise and violated customers’ privacy.