Connect with us
Client Portals
Starting July 1, 2025, Colorado’s Biometric Data Privacy Amendment introduces strict requirements for collectingbiometric data from individuals, including employees and job applicants. Employers must obtain limited-purposeconsent, follow a strict data deletion…
A U.S. company faces GDPR obligations only if it intentionally “targets” people in the EU—through European-languagemarketing, EU domains, EU payment or shipping options, or dedicated contacts. Minimal incidental access (e.g. aEuropean visiting the site) generally does…
With no federal data privacy law, 20 states have enacted laws and ramped up enforcement. California fined Healthline$1.55 million for CCPA violations involving tracking technologies and poor disclosures. Connecticut finedTicketNetwork $85,000 for deficient privacy…
The Texas Responsible AI Governance Act, effective January 2026, applies to businesses using AI systems in Texasor serving Texas residents. Compliance requires clear policies on AI purpose, data use, performance evaluation, postdeployment monitoring, user safeguards,…
Tennessee’s Information Protection Act (TIPA), effective July 2025, regulates businesses operating in Tennessee orserving its residents with over $25 million revenue and significant personal data handling. It grants consumers rights toaccess, correct, delete data, and…
Effective July 1, 2025, Colorado’s Privacy Act expands to impose obligations on any organization handling biometricidentifiers or biometric data, even if previously exempt. Required actions include clear prior notice, informed consent, apublic written policy with…
On July 1, 2025, California’s Attorney General secured a landmark $1.55 million settlement with Healthline—thelargest to date under the CCPA. Healthline was found to have failed to honor opt-out requests, improperly sharedsensitive health-related article titles, and…
Texas Attorney General Ken Paxton has spearheaded an aggressive data privacy enforcement campaign, securinghistoric settlements—including $1.4 billion from Meta over biometric data misuse and $1.375 billion from Google forunauthorized collection of location and…
Organizations that complied with early-2025 consumer privacy laws now face more change: three new privacyregimes—Tennessee (effective July 1), Minnesota (July 31), and Maryland (October 1)—plus six more slated forJanuary 1, 2026, in Kentucky, Rhode Island, and…
The U.S. Supreme Court upheld a Texas law requiring robust age verification—via state ID, third-party services, orbiometrics—for websites with significant adult content. The 6–3 ruling prioritizes protecting minors but raises seriousprivacy concerns, potentially…