Data Privacy

Subscribe to Data Privacy via RSS

This week, the U.S. Supreme Court granted certiorari in Salazar v. Paramount Global, No. 25-459 (cert. granted Jan. 26, 2026), to resolve a circuit split over the scope of the federal Video Privacy Protection Act (VPPA). Enacted in 1988, the VPPA has helped fuel a wave of class actions in recent years, especially

California’s 2025 legislative session ended with a familiar message to businesses: privacy compliance is expanding in scope, and artificial intelligence (AI) governance is moving quickly from voluntary best practices to enforceable transparency and safety obligations. On the last day of 2025, lawmakers introduced 33 privacy and AI bills and passed 16 for Governor Gavin Newsom

Happy New Year! 2025 was a busy year for the Insider authors—we published 271 posts throughout 2025. To kick-off 2026, in case you missed them last year, we are providing the articles from 2025 that were the most interesting to our readers across various categories.

We hope you enjoy them and look forward to another

A new lawsuit filed in Illinois federal court is shining a spotlight on the legal risks tied to AI-powered meeting assistants that offer transcription and speaker identification services on platforms like Zoom and Microsoft Teams. The complaint, brought by Illinois resident Katelin Cruz, alleges that California-based tech company Fireflies.AI Corp. is illegally harvesting and storing

A recent federal court decision in Adam v. CaringBridge, Inc., No.  25-cv-06042-WHO, 2025 WL 3493565 (N. Cal. Dec. 5, 2025), offers a cautionary tale for plaintiffs in privacy class actions, and a strategic playbook for defendants. Even where a case is properly filed in California (the home turf for many privacy statutes and plaintiffs)

The California Consumer Privacy Act (CCPA), as amended and effective January 1, 2026, brings the most detailed and sweeping changes since the law’s introduction. If you do business in California or handle Californians’ personal information, here’s what your company must know, and do, to avoid compliance risks.

Expanded Privacy Policy and Disclosure Requirements

The updated

The 2025 California legislative session ended without passing critical reforms to the California Invasion of Privacy Act (CIPA), leaving businesses vulnerable and scrambling to manage escalating compliance challenges and legal exposure on their own.

Why Was Reform Needed?

CIPA, originally enacted in 1967 to protect against telephone wiretapping, has recently been used to challenge how websites collect