All Posts

Less Is More, Too Much Is Not Enough: What the Irish DPC’s €390 Million Fine Against Meta Could Mean for Your Privacy Notice

European data protection authorities kicked 2023 off with a bang when, on January 4, the Irish Data Protection Commission (DPC) announced that…

Read Post

2022 Hindsight: Breach Notification Year in Review

While new comprehensive state privacy laws took most of the headlines this year, security threats and incident response remain key risk factors for privacy…

Read Post

Minor Keys: Major Takeaways from New California Online Children’s Privacy Law

The California Age-Appropriate Design Code Act (the “Act”) recently became law and includes a number of online privacy-related requirements related to individuals under…

Read Post

Glow Up or Blow Up: Five Takeaways from the CCPA Enforcement Action Against Sephora

As we discussed last year, the California Attorney General’s Office (“OAG”) has been wielding its enforcement authority under the California Consumer Privacy…

Read Post

Special (Category) Edition: CJEU Adopts Broad Interpretation of “Special Categories” of Personal Data Under GDPR

Earlier this month the Court of Justice of the European Union (“CJEU”) issued a decision adopting a surprisingly broad interpretation of the “special categories…

Read Post