All Posts

Glow Up or Blow Up: Five Takeaways from the CCPA Enforcement Action Against Sephora

As we discussed last year, the California Attorney General’s Office (“OAG”) has been wielding its enforcement authority under the California Consumer Privacy…

Read Post

Special (Category) Edition: CJEU Adopts Broad Interpretation of “Special Categories” of Personal Data Under GDPR

Earlier this month the Court of Justice of the European Union (“CJEU”) issued a decision adopting a surprisingly broad interpretation of the “special categories…

Read Post

Patient Privacy and Reproductive Health Data in the Dobbs Aftermath

The Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, which overturned Roe v. Wade and Planned Parenthood v. Casey, raises…

Read Post

Second Bite at the Apple: Apple’s Account Deletion Requirement Finally Goes into Effect. Is Your Mobile App Compliant?

On June 30, after a 5-month delay from the originally-scheduled effective date (to give app developers more time to comply), Apple’s new…

Read Post

Carnival Cruise Line’s $1.25 Million Multistate Breach Settlement: 5 Lessons to Avoid and Mitigate Unstructured Data Breaches

Corporate email systems can often become repositories of personal information, with sensitive data elements appearing in the bodies of messages and their attachments, often with…

Read Post