Effective July 1, 2025, Colorado’s Privacy Act expands to impose obligations on any organization handling biometricidentifiers or biometric data, even if previously exempt. Required actions include clear prior notice, informed consent, apublic written policy with…
Posts by Category: Data Protection & Privacy
California AG Issues Highest Fine to Date for CCPA Violations
On July 1, 2025, California’s Attorney General secured a landmark $1.55 million settlement with Healthline—thelargest to date under the CCPA. Healthline was found to have failed to honor opt-out requests, improperly sharedsensitive health-related article titles, and…
Texas Leads Data Privacy Crackdown: Record Fines for Big Tech And AI
Texas Attorney General Ken Paxton has spearheaded an aggressive data privacy enforcement campaign, securinghistoric settlements—including $1.4 billion from Meta over biometric data misuse and $1.375 billion from Google forunauthorized collection of location and…
The Second Half of the Year Brings New State Privacy Obligations – Are You Ready?
Organizations that complied with early-2025 consumer privacy laws now face more change: three new privacyregimes—Tennessee (effective July 1), Minnesota (July 31), and Maryland (October 1)—plus six more slated forJanuary 1, 2026, in Kentucky, Rhode Island, and…
What the US Supreme Court’s Decision Upholding Texas Law Means for Data Privacy
The U.S. Supreme Court upheld a Texas law requiring robust age verification—via state ID, third-party services, orbiometrics—for websites with significant adult content. The 6–3 ruling prioritizes protecting minors but raises seriousprivacy concerns, potentially…
Hackers are Now Pretending to be Job Seekers to Spread Malware
Cybercriminals are posing as jobs eekers, creating fake LinkedIn profiles and resume sites, to target recruiters and HRmanagers. Once they gain trust, victims are invited to view a resume that appears harmless but secretly delivers aWindows shortcut (.LNK) file….
California Privacy Protection Agency Fines Retailer Over CCPA Violations
The California Privacy Protection Agency (CPPA) fined Todd Snyder, Inc. $345,178 for violating the CaliforniaConsumer Privacy Act (CCPA). The company failed to process consumer opt-out requests for 40 days due to improperconfiguration of its privacy portal, required…
A Job Applicant Can be Deepfaked into Existence in 70 Minutes, Cybersecurity Firm Finds
Cybersecurity firm Palo Alto Networks reports that a fake job applicant can be created in just 70 minutes usingdeepfake technology, posing a significant threat to employers. These AI-generated candidates can deceive hiringmanagers during video interviews, potentially…
Employers Must Be Vigilant to Protect Against Security Risks from Fraudulent Hires
Employers must be vigilant against security risks arising from fraudulent job applications, which can lead to hackersinfiltrating organizations and accessing sensitive data. The FBI has issued warnings about these increasing threats.To mitigate risks, employers should…
Cisco’s 2025 Data Privacy Benchmark Study: Privacy Landscape Grows Increasingly Complex in the Age of AI
Cisco’s 2025 Data Privacy Benchmark Study reveals the evolving landscape of data privacy, with organizations balancing local data storage for security and reliance on global providers for expertise. Conducted across 12 countries, the study highlights the growing…