Compliance, Definition and State law

Privacy Law: Status of Legal Practice Area in 2025

Martindale-Avvo

APRIL 30, 2025

If you have a client who does business in multiple states, get to know the laws that might apply to them. Know the definitions. What information is subject to privacy protections can vary from state to state. The laws can change the definition of sensitive data with new amendments. Note the dates.

Law

Law Law Federal law Data protection

What is the Stored Communications Act? Understanding the SCA & Subpoena Compliance

Percipient

JULY 1, 2025

When law enforcement serves a warrant or a civil litigant serves a subpoena seeking your company’s electronically stored information, is your organization prepared to properly respond? This difference determines the legal process required for lawful disclosure. As noted above, disclosure is only permitted under specific exceptions.

Compliance

Compliance Litigator Litigation Failure-to-appear

Treasury’s Post-2024 RFI Report on AI in Financial Services – Uses, Opportunities, and Risks

Debevoise Data Blog

JANUARY 23, 2025

For internal uses, respondents emphasized the growing role of AI in compliance, risk management, and operations, with generative AI in particular enhancing tasks like report creation, data analysis, and detecting anomalies in anti-money laundering and sanctions compliance. Inconsistent State Laws.

Compliance

Compliance Intellectual Property Due diligence e-records

Webinars

No Objections: Better Case Management with AI for Paralegals

MORE WEBINARS

Building a Digital Future: Is America Ready for a Federal Digital Bill of Rights?

Richmond Journal of Law and Technology

MARCH 7, 2025

These include the scope through which the FDBR’s restrictive definition of “controller” would be applied federally, the potential to stifle innovation, and unclear enforcement methods. Nevertheless, there are some concerns with the FDBR that would likely pose significant challenges to the adoption of a federal version.

Compliance

Compliance Data protection Federal law Court

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

3 Geeks and a Law Blog

JULY 11, 2023

He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. So I definitely think data. Not all, I believe only one or two state laws in the US require it.

Law firm

Law firm Time-tracking Due diligence Attorney

Observing the Black Box: Transcend’s Brandon Wiebe’s Insights into Governing Emerging AI Systems (TGIR Ep. 218)

3 Geeks and a Law Blog

SEPTEMBER 5, 2023

So there’s corporate and IP and employment and all of that, and our own internal privacy compliance as well. So that’s definitely a, you know, the automation is definitely something that helps uncover, you know, the, the not just the good data that’s out there. So it definitely has impact cross functionally as well.

Time-tracking

Time-tracking Hearing Compliance e-records

Virginia Enacts Direct-to-Consumer Genetic Privacy Law as Numerous Other States Introduce Similar Bills

Inside Privacy

MARCH 31, 2023

These laws also contain exemptions related to clinical research and for PHI collected by a covered entity or business associate subject to HIPAA, and similarly exempt deidentified data, though we note the scope of each state laws’ exemptions are not identical.

Law

Law Law Compliance State law

The SEC Adopts Significant Cybersecurity Amendments to Reg S-P

Debevoise Data Blog

MAY 17, 2024

Firms will have either 18 or 24 months (depending on size) from the date of publication in the Federal Register to come into compliance. We discuss Reg S-P’s new and expanded requirements, as well as considerations for compliance, below. A comparison of Amended Reg S-P to the Proposed Amendments is available here. 17 CFR § 248.30(a)(3).

e-records

e-records Compliance e-filing Due diligence

Recently Enacted AI Law in Colorado: Yet Another Reason to Implement an AI Governance Program

Debevoise Data Blog

JUNE 11, 2024

state law developments all reinforce the incentives for companies to adopt AI governance programs. Create a roadmap for compliance. The Law includes a list of technologies that are expressly excluded from the definition of high-risk AI systems, including, e.g., calculators, databases, spreadsheets, and databases.

Law

Law Law Compliance Attorney

European Data Protection Roundup – November 2023

Debevoise Data Blog

DECEMBER 22, 2023

The intersection between GDPR compliance and AI has been the subject of detailed analysis in a previous blog post. Following concerns that ambiguities in the definitions gave rise to a risk of circumvention, the Guidelines clarified that: “Information” includes both non-personal and personal data, regardless of how it was stored and by whom.

Data protection

Data protection Time-tracking Compliance Machine learning

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Debevoise Data Blog

DECEMBER 1, 2021

Information Privacy Law. Addressing the medical privacy essentials: HIPPA and the new challenges posed by the rise of telemedicine, especially during the Covid-19 pandemic, this chapter closely examines medical privacy and it contains helpful practice notes pertaining to HIPPA’s intricate definitions and requirements.

Law

Law Law Data protection Litigation

Connecticut’s Next Generation Data Privacy Law

Debevoise Data Blog

MAY 23, 2022

Here, we highlight key aspects of the CTPA with a focus on the provisions that companies should consider in their compliance preparations. We also provide an overview of the CTPA’s enforcement mechanisms and explain how the CTPA modifies prior laws’ safe harbor with a nod towards prosecutorial discretion. CTPA § 1(26). CTPA § 1(6).

Law

Law Law Compliance Attorney

Utah Joins the Comprehensive State Privacy Law Club

Debevoise Data Blog

APRIL 29, 2022

Bottom Line : While the narrower scope of consumer rights under the UCPA may ease compliance burdens, companies will need to determine whether they will be able to take a standardized approach for offering consumer rights under the UCPA and State Privacy Laws, or whether they will need to address rights on a state-by-state basis.

Law

Law Law Data protection Attorney

Observing the Black Box: Transcend’s Brandon Wiebe’s Insights into Governing Emerging AI Systems (TGIR Ep. 218)

Legal Tech Monitor

SEPTEMBER 4, 2023

So there’s corporate and IP and employment and all of that, and our own internal privacy compliance as well. So that’s definitely a, you know, the automation is definitely something that helps uncover, you know, the, the not just the good data that’s out there. So it definitely has impact cross functionally as well.

Time-tracking

Time-tracking Hearing Compliance e-records

Face Forward: Strategies for Complying with Facial Recognition Laws

Debevoise Data Blog

OCTOBER 18, 2021

Illinois’ Biometric Information Privacy Act (“BIPA”) excludes both “digital photographs” and “information derived from” photographs from the definition of “biometric information.” State Laws Permitting but Regulating Collection and Use of Biometric Identifiers, including Facial Data.

Law

Law Law Court Time-tracking

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Legal Tech Monitor

JULY 11, 2023

He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. So I definitely think data. Not all, I believe only one or two state laws in the US require it.

Law firm

Law firm Time-tracking Due diligence Attorney

What the ADPPA Means for U.S. Data Regulation

Debevoise Data Blog

JULY 12, 2022

Even if not enacted, its provisions are likely to influence a future federal privacy law. And, in many ways, the ADPPA may set a new minimum standard that will shape any state laws passed to fill the void left by the lack of a federal privacy law. We’ve previously written about the development of U.S. ADPPA § 2(9).

State law

State law Federal law Compliance Data protection

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Debevoise Data Blog

OCTOBER 26, 2021

This would seem to eliminate not just the possibility of compliance-by-signage but also the possibility of online consent. This approach can be a hard sell for lawyers talking to their business-side clients, for whom being a compliance volunteer is rarely popular. Compliance. Has the company obtained those individuals’ consent?

Compliance

Compliance Federal law Data protection Machine learning

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

Debevoise Data Blog

JULY 9, 2021

Colorado has just adopted a brand-new data privacy law and Nevada has just significantly amended its law. These changes add rights for consumers, and compliance obligations for businesses, that take the U.S. further in the direction of European-style privacy law.

Data protection

Data protection Attorney Compliance State law

The Rise of “Post-Truth” Litigation: ALM’s Isha Marathe on How Deep Fakes Threaten the Legal System (TGIR Ep. 209)

3 Geeks and a Law Blog

JUNE 28, 2023

But I believe there are regulations coming out of Texas, Washington, and California, the California law might actually have sunsetted, earlier this year, but there are state laws coming up, kind of like data privacy regulations, which we often call a patchwork, because they’re slightly conflicting.

Litigator

Litigator Litigation Court e-discovery

The Rise of “Post-Truth” Litigation: ALM’s Isha Marathe on How Deep Fakes Threaten the Legal System (TGIR Ep. 209)

Legal Tech Monitor

JUNE 28, 2023

But I believe there are regulations coming out of Texas, Washington, and California, the California law might actually have sunsetted, earlier this year, but there are state laws coming up, kind of like data privacy regulations, which we often call a patchwork, because they’re slightly conflicting.

Litigator

Litigator Litigation Judge Court

Legal Tech Connection

Privacy Law: Status of Legal Practice Area in 2025

What is the Stored Communications Act? Understanding the SCA & Subpoena Compliance

Webinars

Trending Sources

Treasury’s Post-2024 RFI Report on AI in Financial Services – Uses, Opportunities, and Risks

Webinars

Building a Digital Future: Is America Ready for a Federal Digital Bill of Rights?

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Observing the Black Box: Transcend’s Brandon Wiebe’s Insights into Governing Emerging AI Systems (TGIR Ep. 218)

Virginia Enacts Direct-to-Consumer Genetic Privacy Law as Numerous Other States Introduce Similar Bills

The SEC Adopts Significant Cybersecurity Amendments to Reg S-P

Recently Enacted AI Law in Colorado: Yet Another Reason to Implement an AI Governance Program

European Data Protection Roundup – November 2023

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Connecticut’s Next Generation Data Privacy Law

Utah Joins the Comprehensive State Privacy Law Club

Observing the Black Box: Transcend’s Brandon Wiebe’s Insights into Governing Emerging AI Systems (TGIR Ep. 218)

Face Forward: Strategies for Complying with Facial Recognition Laws

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

What the ADPPA Means for U.S. Data Regulation

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

The Rise of “Post-Truth” Litigation: ALM’s Isha Marathe on How Deep Fakes Threaten the Legal System (TGIR Ep. 209)

The Rise of “Post-Truth” Litigation: ALM’s Isha Marathe on How Deep Fakes Threaten the Legal System (TGIR Ep. 209)

Stay Connected