Part of the reason for the state involvement is that the federal government often is not enacting laws on these subjects, Morrison & Foerster's Andrew Serwin says. Many state governments have been ...

Adopt security policies that protect both the organization and consumers’ interests (for more information, see Developing Information Security Policies (US) on Practical Law).

Collects and uses customer or employee personal information. Participates in an industry sector that is considered high risk or critical infrastructure. Offers securities as a publicly traded company.

New technology advancements and changing regulations are likely to herald significant changes in data privacy in the months to come. How data privacy pressures shape up in 2026 is an open question.

Data privacy regulations such as the EU’s General Data Protection Regulation and California’s Consumer Privacy Act have fundamentally changed how organizations ...

Keeping up with new privacy and cybersecurity laws has proved challenging for enterprises, many of which struggle to understand which laws even apply to them. Artificial intelligence (AI) complicates ...

Privacy and data security laws govern how organizations collect, handle, and protect personally identifiable information (PII) to ensure it is properly processed and ...

When Connecticut Attorney General William Tong described granting the Department of Government Efficiency (DOGE) access to Treasury Department records as potentially the largest data breach in ...