On December 8, 2023, New York Attorney General Leticia James penned her approval to an Assurance of Discontinuance with third party dental administrator Healthplex, settling the enforcement action for $400,000 and a litany of data privacy and security compliance requirements.

The AG’s investigation commenced following a November 24, 2021, successful phishing attack against Healthplex. The

We previously wrote about how toys, baby monitors, and other smart devices collect, use, and disclose personal information about children, and risks to children’s privacy. As adults responsible for the safety of children in our care, learning about how smart devices collect, use, and disclose personal information of children should be a top priority, just

Data privacy and cybersecurity risks are critical components of M&A transactions due to the potential exposure for legal liability for non-compliance, as well as the financial and reputational harm and the material impact that lax or failed data privacy compliance and cybersecurity safeguards can have on an entity’s ability to conduct its operations.

Therefore, part

Meta (formerly Facebook) has been hit with a revived class action shareholder suit stemming from its involvement with Cambridge Analytica, a firm that infamously mined Facebook user data for hyper-targeted political engagement. The 9th U.S. Circuit Court of Appeals in San Francisco restored shareholders’ claims that Meta falsely stated that user data “could” be compromised

The California Privacy Protection Agency’s (CPPA) Enforcement Division is conducting a review of data privacy practices by connected vehicle manufacturers and related technologies. The CPPA, which was established by the 2018 California Privacy Rights Act, has been primarily focused on developing regulations. This investigation marks its first significant enforcement effort.

Connected vehicles, with features like

On July 20, 2023, the Federal Trade Commission (FTC) and the Department of Health and Human Services (HHS) issued letters to hospitals and telehealth providers “about the privacy and security risks related to the use of online tracking technologies integrated into their websites or mobile apps that may be impermissibly disclosing consumers’ sensitive personal health