Heinig shares takeaways from discussions about the Digital Risk Index 2025 at the recent Navigate: A Digital Policy ...

This infographic charts the top risks for digital technology, as selected by global leaders.

More notably, it widens the PDPD's focus on Vietnamese citizens' data to cover any natural person's info stored in Vietnam before export, regardless of nationality. This shift broadens transborder ...

Despite that, a lot has been said about similarities between the GDPR and CCPA and still more about significant differences. Understanding third parties and related requirements is where practical ...

And so, yet again, a new legal theory is beginning to take root to blunt the impact of state privacy regulation. Specifically, some are suggesting the CPRA’s amendment of the CCPA provides, except for ...

This resource provides a detailed timeline of the EU GDPR from 1981 through 2016.

The U.S. state of Iowa is no stranger to privacy bills. Since its first attempt in 2020, the state's legislature has repeatedly proposed and considered comprehensive consumer data privacy legislation.

Data de-identification has many benefits in the context of the EU General Data Protection Regulation. One of the recurring questions is whether consent is required to anonymize or de-identify data. In ...

Even 10 years on, Edward Snowden's disclosures of U.S. government surveillance programs continue to make an impact on law and policy debates, particularly those involving privacy. His actions changed ...

This glossary provides definitions and explanations for some of the most common terms related to AI governance.

The EU Artificial Intelligence Act is not yet published in the Official Journal of the European Union, yet its unquestionably disruptive value as the world's first legislative effort to regulate AI is ...

The Data Care Act of 2023, sponsored by Sen. Brian Schatz, D-Hawaii, imposes various duties — a duty of care, duty of loyalty and duty of confidentiality — on online service providers. The duty of ...