Connecticut has enacted a sweeping new data broker law (SB 4, as amended by HB 5222), making it one of a growing number of states to regulate the collection, sale
Continue Reading Connecticut’s New Data Broker Law (SB 4): What Businesses Need to KnowGeneral Privacy & Data Security News & Developments
Colorado’s PTFA Litigation Wave: Liability for Listing Cell Phone Numbers Without Consent and Why It Puts Data Brokers at Risk
If you list cellphone numbers in a directory for a commercial purpose without consent, you could be liable under the Colorado Prevention of Telemarketing Fraud Act, Colo. Rev. Stat. §…
Continue Reading Colorado’s PTFA Litigation Wave: Liability for Listing Cell Phone Numbers Without Consent and Why It Puts Data Brokers at RiskNew York Set to Ban Key AI Companion Chatbot Features for Minors in First‑of‑Its‑Kind Law
New York just is set to become the first state in the US to outright prohibit certain AI companion features for minors. The bill has passed both houses and is…
Continue Reading New York Set to Ban Key AI Companion Chatbot Features for Minors in First‑of‑Its‑Kind LawVermont Amends Its Data Broker Law: What Do You Need to Know?
Last week, Governor Phil Scott signed Act 138, amending Vermont’s data broker law. The operative provisions go into effect January 1, 2027.
So what should companies be focusing on?…
Continue Reading Vermont Amends Its Data Broker Law: What Do You Need to Know?CIPA Personal Jurisdiction: Nationwide Call Recording and Analytics Deployment Fails “Express Aiming” Test in Central District of California
A nationwide call recording and analytics service, uniformly deployed nationwide, that merely operates in California is not sufficient, standing alone, to establish specific personal jurisdiction under the California Invasion of
… Continue Reading CIPA Personal Jurisdiction: Nationwide Call Recording and Analytics Deployment Fails “Express Aiming” Test in Central District of CaliforniaData Minimization Under Scrutiny: Hungarian DPA Decision Signals Risk for U.S. Employers
A recent decision by Hungary’s Data Protection Authority (NAIH) offers a deceptively modest outcome, a €5,000 fine, but sends a much stronger signal on the evolving expectations around data minimization…
Continue Reading Data Minimization Under Scrutiny: Hungarian DPA Decision Signals Risk for U.S. EmployersGDPR Processing Begins at the Data Request: What a Spanish Supreme Court Decision Signals for U.S. Privacy Compliance
Data processing begins even before the data is received. A recent ruling of the Supreme Court of Spain clarifies the scope of GDPR obligations and the implications extend to the…
Continue Reading GDPR Processing Begins at the Data Request: What a Spanish Supreme Court Decision Signals for U.S. Privacy ComplianceWhen AI Meets the FCRA: What the Eightfold Class Action Means for Employers and HR Technology Providers
An estimated 87% of companies now using AI-driven tools in their recruitment processes, and that figure has nearly doubled in just two years. AI-powered platforms can ingest millions of candidate…
Continue Reading When AI Meets the FCRA: What the Eightfold Class Action Means for Employers and HR Technology ProvidersEmployee Privacy Rights Under CCPA: CalPrivacy Calls for Comments
Among US states, California is the only one that treats employees as full “consumers,” providing them the right to an employee notice and an applicant notice and employee rights. While…
Continue Reading Employee Privacy Rights Under CCPA: CalPrivacy Calls for CommentsYour Website’s Pixels May Be Wiretaps: 10 Questions Every Business Should Ask About CIPA
The plaintiffs’ bar has been ramping up lawsuits under the California Invasion of Privacy Act (CIPA) and federal and state wiretapping statutes for years, and the wave is not receding.
Continue Reading Your Website’s Pixels May Be Wiretaps: 10 Questions Every Business Should Ask About CIPA