Attorney, Data protection and State law

Privacy Law: Status of Legal Practice Area in 2025

Martindale-Avvo

APRIL 30, 2025

Privacy law is a growing and dynamic area of practice for many attorneys. A wave of state legislation with data protection requirements places new obligations on businesses and public institutions. The history of privacy law The roots of privacy law in the U.S. go back further than one might think.

Law

Law Law Federal law Data protection

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

3 Geeks and a Law Blog

JULY 11, 2023

Ellington explains that the impetus for creating SessionGuardian came from working with a law firm to secure their work with eDiscovery vendors and contract attorney staffing agencies. Leib says attorneys must take responsibility for cyber defenses, not just rely on engineers. What really appealed to me about SessionGuardian.

Law firm

Law firm Time-tracking Due diligence Attorney

The FCC Expands Scope of Data Breach Notification Rules

Inside Privacy

JANUARY 4, 2024

This Order follows recent activity from the FCC’s Privacy and Data Protection Task Force , including the announcement last month of a partnership between the FCC and state attorneys general on data privacy enforcement.

Data protection

Data protection Federal law State law Attorney

Webinars

No Objections: Better Case Management with AI for Paralegals

MORE WEBINARS

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Debevoise Data Blog

DECEMBER 1, 2021

Information Privacy Law. With a thorough discussion of the nuances related to advertising and tracking, this section also covers the new privacy laws impacting the industry, including updates stemming from the CCPA, the Virginia Consumer Data Protection Act (VCDPA), and the Colorado Privacy Act.

Law

Law Law Data protection Litigator

Utah Joins the Comprehensive State Privacy Law Club

Debevoise Data Blog

APRIL 29, 2022

The UCPA, effective on December 31, 2023, is largely consistent with other comprehensive state privacy laws, but includes several key differences. The UCPA is set to be reviewed by the attorney general who must submit a report to the legislature by July 1, 2025.

Law

Law Law Data protection Attorney

Getting Ready for 2023: What Companies Can Do Now to Prepare for New Privacy Laws

Debevoise Data Blog

DECEMBER 16, 2021

The Virginia Consumer Data Protection Act (“VCDPA”) and amendments to the California Consumer Privacy Act (“CCPA”)—enshrined in the California Privacy Rights Act (“CPRA”)—take effect on January 1, 2023. These developments have companies understandably concerned about complying with a patchwork of state laws.

Data protection

Data protection Compliance Law Law

Your Go-To Contract Risk Assessment Checklist

Percipient

MAY 8, 2025

Are confidentiality and data protection covered? If that data isnt properly protected, it opens the door to potential risks that could hurt your reputation or lead to legal trouble. Also, check which states laws apply and what venue or court disputes will be heard.

Dispute resolution

Dispute resolution Intellectual Property Time-tracking Data protection

Connecticut’s Next Generation Data Privacy Law

Debevoise Data Blog

MAY 23, 2022

Like other state privacy laws, the CTPA contains a number of entity-based and data-based exemptions, including financial institutions covered by the Gramm-Leach-Bliley Act, national securities associations that are registered under the Securities Exchange Act of 1934, and data regulated by the Fair Credit Reporting Act, among other exemptions.

Law

Law Law Compliance Attorney

Face Forward: Strategies for Complying with Facial Recognition Laws

Debevoise Data Blog

OCTOBER 18, 2021

Failure to cure and notify could be costly: the law authorizes individuals to collect damages per violation plus attorneys’ fees. Notably, the law does not apply to the use of biometric identifiers “by government agencies, employees or agents.” Washington’s law does not require written consent.

Law

Law Law Court Time-tracking

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Legal Tech Monitor

JULY 11, 2023

Ellington explains that the impetus for creating SessionGuardian came from working with a law firm to secure their work with eDiscovery vendors and contract attorney staffing agencies. Leib says attorneys must take responsibility for cyber defenses, not just rely on engineers. What really appealed to me about SessionGuardian.

Law firm

Law firm Time-tracking Due diligence Attorney

What the ADPPA Means for U.S. Data Regulation

Debevoise Data Blog

JULY 12, 2022

Even if not enacted, its provisions are likely to influence a future federal privacy law. And, in many ways, the ADPPA may set a new minimum standard that will shape any state laws passed to fill the void left by the lack of a federal privacy law. We’ve previously written about the development of U.S. ADPPA § 302(a).

State law

State law Federal law Compliance Data protection

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Debevoise Data Blog

OCTOBER 26, 2021

It would also prohibit disclosure of such data, with limited exceptions. The bill would provide for a private right of action that allows consumers to obtain damages of no less than $5,000 per violation, as well as attorneys’ fees. Have individuals received notice that their biometric identifiers are being collected?

Compliance

Compliance Federal law Data protection Machine learning

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

Debevoise Data Blog

JULY 9, 2021

further in the direction of European-style privacy law. Colorado and Nevada join California and Virginia in adding to the growing patchwork of disparate state laws — making it that much harder for any business seeking to have a single privacy program that is compliant everywhere.

Data protection

Data protection Attorney Compliance State law

A New Era of FTC Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure

Debevoise Data Blog

JANUARY 14, 2022

The FTC even recently imposed individual liability on in-house counsel, but one Commissioner emphasized that the attorney was named based upon his actions while functioning in a business capacity rather than as an attorney. [21] He noted, however, that if the law was not sufficiently strong, he may be opposed to outright preemption.

Compliance

Compliance Court Litigator Litigation

Legal Tech Connection

Privacy Law: Status of Legal Practice Area in 2025

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Webinars

Trending Sources

The FCC Expands Scope of Data Breach Notification Rules

Webinars

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Utah Joins the Comprehensive State Privacy Law Club

Getting Ready for 2023: What Companies Can Do Now to Prepare for New Privacy Laws

Your Go-To Contract Risk Assessment Checklist

Connecticut’s Next Generation Data Privacy Law

Face Forward: Strategies for Complying with Facial Recognition Laws

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

What the ADPPA Means for U.S. Data Regulation

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

A New Era of FTC Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure

Stay Connected