Data processing begins even before the data is received. A recent ruling of the Supreme Court of Spain clarifies the scope of GDPR obligations and the implications extend to the
Continue Reading GDPR Processing Begins at the Data Request: What a Spanish Supreme Court Decision Signals for U.S. Privacy ComplianceOdia Kagan
Contact:Read more about Odia Kagan
When AI Meets the FCRA: What the Eightfold Class Action Means for Employers and HR Technology Providers
By Odia Kagan on
An estimated 87% of companies now using AI-driven tools in their recruitment processes, and that figure has nearly doubled in just two years. AI-powered platforms can ingest millions of candidate…
Continue Reading When AI Meets the FCRA: What the Eightfold Class Action Means for Employers and HR Technology ProvidersEmployee Privacy Rights Under CCPA: CalPrivacy Calls for Comments
By Odia Kagan on
Among US states, California is the only one that treats employees as full “consumers,” providing them the right to an employee notice and an applicant notice and employee rights. While…
Continue Reading Employee Privacy Rights Under CCPA: CalPrivacy Calls for CommentsYour Website’s Pixels May Be Wiretaps: 10 Questions Every Business Should Ask About CIPA
By Odia Kagan on
The plaintiffs’ bar has been ramping up lawsuits under the California Invasion of Privacy Act (CIPA) and federal and state wiretapping statutes for years, and the wave is not receding.
Continue Reading Your Website’s Pixels May Be Wiretaps: 10 Questions Every Business Should Ask About CIPAYour Cookie Banner Might Be Working Against You: Two Compliance Traps to Avoid
By Odia Kagan on
The plaintiffs’ bar has been ramping up lawsuits for alleged violations of state and federal wiretapping laws (e.g., California CIPA, Florida SCA, Federal ECPA) for many months now. Historically, the…
Continue Reading Your Cookie Banner Might Be Working Against You: Two Compliance Traps to AvoidFor Whom the Discovery Tolls: Your Privacy Notice May Help Time-Bar Website Wiretapping Claims
By Odia Kagan on
In a recent decision out of the Northern District of California, the court held that a website operator’s privacy policy, even one presented in a passive, browse wrap-style hyperlink, can…
Continue Reading For Whom the Discovery Tolls: Your Privacy Notice May Help Time-Bar Website Wiretapping ClaimsPlatform liability after Russmedia: Italian DPA Fines Platform for Allowing Phone Number in Sex Work Ads Without Consent
By Odia Kagan on
By Odia Kagan
How far does a platform’s responsibility extend when a user posts someone else’s personal data in a classified ad, especially one involving sensitive subject matter like sex…
Continue Reading Platform liability after Russmedia: Italian DPA Fines Platform for Allowing Phone Number in Sex Work Ads Without ConsentCourt Allows Sharing of Medical Information Claim to Proceed Under ECPA
By Odia Kagan on
A new federal court decision denied a motion to dismiss in a case alleging Federal Electronic Communications Privacy Act (ECPA) claims arising from the sharing of health information through a…
Continue Reading Court Allows Sharing of Medical Information Claim to Proceed Under ECPAFTC’s New Strategic Plan: Reports of the Death of FTC Privacy Enforcement Have Been Greatly Exaggerated
By Odia Kagan on
The FTC just published its Strategic Plan for FY 2026–2030. What does it actually mean for privacy compliance? Quite a lot, as it turns out. Here’s a breakdown.
Telemarketing
… Continue Reading FTC’s New Strategic Plan: Reports of the Death of FTC Privacy Enforcement Have Been Greatly ExaggeratedWhat Hospitality HR, Operations and Leadership Need to Know About Data Privacy and AI
By Odia Kagan on
As hospitality businesses increasingly rely on digital tools, automation, biometrics, and AI‑enabled services, their collection and use of personal data has expanded significantly. With that expansion comes a corresponding rise…
Continue Reading What Hospitality HR, Operations and Leadership Need to Know About Data Privacy and AI