For full functionality of this site it is necessary to enable JavaScript. Here are the instructions to help you enable JavaScript in your web browser.

In-House Essentials

Tech Meets Legal
Cyber Leadership
Employment
Operations

Jul. 13, 2022

New AI Rules: Five Compliance Takeaways

Jun. 29, 2022

Navigating the Intersection of Digital Assets and AML

Jun. 22, 2022

New AI Rules: States Require Notice and Records, Feds Urge Monitoring and Vetting

Jun. 15, 2022

New AI Rules: NYC First to Mandate Audit

May 18, 2022

Navigating the Intersection of Blockchain and Data Privacy Laws

May 11, 2022

The Evolving Crypto Regulatory Climate

May 4, 2022

Cybersecurity and Privacy Teams Join to Create Data Governance Councils

Apr. 13, 2022

California AG Opinion Hands Companies New Tasks for AI, Data Maps, Marketing

Apr. 6, 2022

How to Measure Whether Your Company Is Ready to Catch Lots of Phish

Mar. 30, 2022

As Email Scams Surge, Training Lessons From 115 Million Phishing Messages

Mar. 16, 2022

Securing Emerging Technologies Without Hampering Innovation: Government Initiatives and How Companies Can Adapt

Mar. 16, 2022

How Combining Approaches to Data Analytics Can Yield Powerful Insights

Mar. 9, 2022

Securing Emerging Technologies Without Hampering Innovation: Private Sector Challenges

Mar. 2, 2022

Blockchain Recordkeeping Stirs Privacy Concerns

Feb. 16, 2022

AB InBev’s C2CRIGHT Initiative: Using Split Learning to Protect Privacy While Working Together

Feb. 9, 2022

AB InBev’s C2CRIGHT Initiative: Can Companies Work Together to Prevent Corruption?

Jan. 19, 2022

Privacy and Security Due Diligence in M&A Transactions: Going Beyond the Questionnaire

Jan. 19, 2022

Privacy Resolutions for 2022

Jan. 5, 2022

Using Technology to Build in Data Governance for Improved Security and Privacy

Jan. 5, 2022

Compliance Checklist for AI and Machine Learning

Dec. 15, 2021

Understanding Differential Privacy

Dec. 8, 2021

Privacy Tech Products Hold Promise but Sector Faces Hurdles

Dec. 01, 2021

Using Technology and Outsourcing to Enhance Compliance Programs and Manage Conflicts of Interest

Nov. 3, 2021

Checklist for Building an Identity-Centric Cybersecurity Framework

Oct. 27, 2021

IOSCO Issues Final Guidance on AI and Machine Learning

Oct. 6, 2021

How to Build Insider Risk Programs to Satisfy Global Employee Privacy Laws

Oct. 6, 2021

Lessons From HPE’s Anti-Corruption Purchase Order Analytics on the Role for Humans in Data Interpretation

Oct. 6, 2021

Fund Managers Must Ensure Adequate Security Measures Under Safeguards Rule or Risk SEC Enforcement Action

Sep. 22, 2021

Examining the Intersection of Voiceprints and Data Privacy Laws

Sep. 15, 2021

Essential Technology Contract Elements

Aug. 11, 2021

Using RegTech for Compliance Efforts and Potential Benefits of Emerging Technologies

Aug. 11, 2021

Evaluating Privacy and Cybersecurity Risks In Emerging Technology Transactions: Biometrics, Fintech and Cryptocurrency

Aug. 4, 2021

The Evolution, Status and Future of RegTech in the Private Funds Industry

Aug. 4, 2021

Evaluating Privacy and Cybersecurity Risks in Emerging Technology Transactions: Artificial Intelligence and EdTech

Jul. 21, 2021

Understanding Common Hacking Techniques and Forensic Analysis

Jun. 30, 2021

Using RegTech to Enhance Compliance

Jun. 16, 2021

The Impact of Recent Legislative and Litigation Trends on Commercial Use of De-Identified Data

Jun. 2, 2021

AI Compliance Playbook: Adapting the Three Lines Framework for AI Innovations

May 19, 2021

Negotiating Reps, Warranties and Remedies in Technology Contracts

May 12, 2021

How Law Firms Can Prevent, Detect, and Respond to Ransomware Attacks

May 12, 2021

How Three Companies Embarked on AI Compliance Journeys

Apr. 28, 2021

AI Compliance Playbook: Understanding Algorithm Audits

Apr. 21, 2021

AI Compliance Playbook: Seven Questions to Ask Before Regulators or Reporters Do

Apr. 14, 2021

AI Compliance Playbook: Traditional Risk Controls for Cutting-Edge Algorithms

Apr. 7, 2021

Did Clubhouse Sacrifice Privacy for Innovation? How to Find the Balance

Mar. 31, 2021

Managing Vendor Contracts From the Data Controller's Perspective

Mar. 24, 2021

Digital Identity Management in a Post-Pandemic World: A Framework for Identity-Centric Cybersecurity

Mar. 17, 2021

Digital Identity Management in a Post-Pandemic World: SolarWinds, Zero Trust and the Challenges Ahead

Mar. 10, 2021

AI for Compliance: Five Workarounds for Asymmetric Data Sets

Jan. 27, 2021

The Potential Legal Implications of Web Scraping for Market Research

Jan. 20, 2021

eDiscovery in Multi-Jurisdictional Investigations: Preparing to Play Multi-Level Chess

Dec. 16, 2020

AI for Compliance: Building a Model

Dec. 9, 2020

Strategies for Managing the Intersection of Cybersecurity and New Technologies

Nov. 18, 2020

Show Me the Data: How to Conduct Audits for Data Minimization

Nov. 11, 2020

AI for Compliance: Foundations

Nov. 11, 2020

The Intelligent Workplace in the Age of a Pandemic: Six Privacy and Security Safeguards

Nov. 4, 2020

Vulnerability Management: Increasing Communication to Prevent Problems From Hiding in Plain Sight

Oct. 28, 2020

The Intelligent Workplace in the Age of a Pandemic: Balancing Innovation and Risk

Oct. 28, 2020

Vulnerability Management: Understanding the Risks of External Scanning

Oct. 14, 2020

Vulnerability Management: What You Don’t Know From Your External Scans Can Be Used Against You

Sep. 9, 2020

IOSCO Offers Six Risk Mitigation Measures for AI and Machine Learning

Aug. 5, 2020

How to Achieve Trustworthy AI Using the European Commission’s Final Assessment List

Jul. 15, 2020

Back to the Table: CCPA Regulations Spark New Wave of Service-Provider Negotiations

Jul. 8, 2020

Getting Board Buy-In for Edge Cybersecurity Initiatives Post COVID‑19

Jun. 24, 2020

Balancing Privacy Rights and Innovation in Digital Contact Tracing

Jun. 17, 2020

The Current State and Future of AI Regulation

Jun. 10, 2020

After Capital One Ruling, How Will Companies Protect Forensic Reports?

May 20, 2020

Did Adtech Fix Its CCPA Problem? IAB’s GC Discusses New Contract for Data Sales

May 13, 2020

NIST Privacy Framework: Privacy Controls for an Era of Digital Transformation

Mar. 18, 2020

The Keys to Encryption: Effective Policies, Legal’s Role and Third Parties

Mar. 11, 2020

The Keys to Encryption: Legal and Regulatory Framework

Mar. 4, 2020

The Keys to Encryption: Uses and Implementation Challenges

Feb. 19, 2020

Best Practices for Using Alternative Data: Mitigating Regulatory Risks

Feb. 12, 2020

Best Practices for Using Alternative Data: Collection and Provider Management

Feb. 5, 2020

Defining, Implementing and Documenting “Reasonable Security”

Feb. 5, 2020

The Rise of Facial Recognition Technology: Mitigating Risk

Jan. 29, 2020

The Rise of Facial Recognition Technology: Mapping the Legal Framework

Jan. 22, 2020

The Rise of Facial Recognition Technology: Uses and Risks

Jan. 8, 2020

How eBay and PayPal Use Key Performance Indicators to Evaluate and Improve Privacy Programs

Dec. 11, 2019

Allocating Risk in Cloud Computing Relationships: Key Legal Issues

Dec. 11, 2019

How to Handle E.U. Data Subject Access Requests

Dec. 4, 2019

Allocating Risk in Cloud Computing Relationships: Spectrum of Offerings

Nov. 20, 2019

AI for Fund Managers and Beyond: How to Automate the Legal Department and Maintain Privacy

Nov. 13, 2019

AI for Fund Managers and Beyond: Government Guidance

Nov. 6, 2019

AI for Fund Managers and Beyond: How to Use It to Streamline Operations

Oct. 30, 2019

Reconciling Technology Development, Security and the Lawyer’s Role

Oct. 2, 2019

CCPA Close-Up: Review of Amendments and How to Prepare for Compliance

Sep. 25, 2019

Strategies and Tactics for Conducting an Effective Tabletop Exercise (Part Two of Two)

Jul. 31, 2019

Takeaways From the U.K. ICO’s FaceApp Warning

Jul. 10, 2019

Can GDPR Hinder AI Made in Europe?

Jun. 19, 2019

Tips From Lockheed and Groupon on Developing GC-CISO Partnerships to Improve Security and Incident Response

Jun. 12, 2019

There Really Isn’t a Quarterback: Uber and Equifax Executives Share Insights on Incident Response Best Practices and the Lawyer’s Role

Jun. 5, 2019

FINRA RegTech Conference Reviews AI, RegTech Adoption and Compliance Challenges (Part Two of Two)

May 29, 2019

FINRA RegTech Conference Examines Digital Identification, Suspicious Activity Reporting and Machine Learning

May 22, 2019

Court Reconsiders November 2018 Order and Issues Preliminary Injunction Against ICO

May 15, 2019

What Does It Mean to Be Technologically Competent?

May 8, 2019

Understanding Regulatory Technology: Current Uses and Deployment Considerations

May 1, 2019

Understanding Regulatory Technology: Tools, Challenges and Regulators’ Views

Apr. 10, 2019

Insights From a Former SEC Counsel on Regulating Digital Assets

Mar. 27, 2019

Navigating the Risks of Alternative Data Collection and Use

Mar. 20, 2019

Increased Post-Breach Discovery Turns Spotlight on Privilege

Mar. 13, 2019

Mitigating the Risks of Open-Source Software

Mar. 6, 2019

Benefits and Risks of Open-Source Software and How the Financial Sector Is Using It

Feb. 27, 2019

Preparing for the CCPA: Securing Buy-In and Setting the Scope

Feb. 20, 2019

ACA Aponix-NSCP Cyber Survey Finds Growing Numbers of Security Incidents, Cloud Use and Regulatory Burdens

Feb. 20, 2019

Implications of the Illinois Supreme Court’s BIPA Holding Against Six Flags

Feb. 13, 2019

Practical Ways to Incorporate Security Protection Into Supplier Agreements

Jan. 23, 2019

Illinois Federal Court Denies Standing in BIPA Claim Against Google

Jan. 16, 2019

How a New Ethics Rule and Error in Manafort Case Highlight the Importance of Lawyers’ Technology Competence

Dec. 12, 2018

Illinois Appellate Decision Creates Split on Standing to Sue Under BIPA

Dec. 5, 2018

Insights From Uber: Building Bridges Between Legal and Engineering

Nov. 28, 2018

Insights From Uber: An Inside Look at Its Privacy Team Structure and How Legal and Tech Collaborated on Its Differential Privacy Tool

Nov. 14, 2018

How Privacy Professionals Can Benefit Cybersecurity Programs: Practical Tips From Gap and Privacy Panacea

Nov. 14, 2018

A Roadmap to Preparing for and Managing a Cyber Investigation

Nov. 7, 2018

WhiteHat Report on the Software Lifecycle and Visa Bug Bounty Program Demonstrate the Need for Greater App Security

Oct. 24, 2018

California Enacts Groundbreaking IoT Law and Requires Disclosure of Bot Use

Oct. 17, 2018

Risks and Rewards of Bluetooth Technology

Oct. 17, 2018

Regulating AI: U.S., E.U. and Industry Laws and Guidance

Sep. 26, 2018

Artificial Intelligence in Legal Practice: Potential Ethical and Liability Pitfalls

Sep. 26, 2018

New Sidley Partner Lilya Tessler Discusses the FinTech and Blockchain Space

Sep. 19, 2018

Evolving Roles of Privacy and Security Professionals: Operationalizing Policies, Incident Response and Vendor Management

Sep. 12, 2018

Evolving Roles of Privacy and Security Professionals: Effective Governance and Board Reporting

Sep. 5, 2018

Evolving Roles of Privacy and Security Professionals: Examining Required Skills and Potential Convergence

Jul. 11, 2018

Is Encryption Obligatory? HHS Upholds Texas Hospital $4.3M HIPAA Fine

Jun. 13, 2018

What Lawyers Need to Know About Security Technologies and Techniques (Part Three of Three)

Jun. 6, 2018

What Lawyers Need to Know About Security Technologies and Techniques (Part Two of Three)

May 30, 2018

What Lawyers Need to Know About Security Techniques and Technologies to Mitigate Breach Risk (Part One of Three)

May 30, 2018

Understanding the Intersection of Law and Artificial Intelligence

Apr. 18, 2018

When and How Legal and Information Security Should Engage on Cyber Strategy: Vendors and M&A (Part Three of Three)

Apr. 11, 2018

When and How Legal and Information Security Should Engage on Cyber Strategy: Assessments and Incident Response (Part Two of Three)

Mar. 28, 2018

When and How Legal and Information Security Should Engage on Cyber Strategy: It Starts With Governance (Part One of Three)

Mar. 14, 2018

FTC Enters Into Stiff Settlement With PayPal for Venmo’s Deceptive Practices, but Eases up on a 2009 Sears Order

Feb. 14, 2018

Virtual Currencies Present Significant Risk and Opportunity, Demanding Focus From Regulators, According to CFTC Chair

Feb. 14, 2018

Using Technology to Comply With the GDPR

Feb. 14, 2018

Biometric Data Protection Laws and Litigation Strategies (Part Two of Two)

Jan. 31, 2018

Five Strategies a Privacy Attorney Uses to Bridge the Gap With Tech Teams

Jan. 31, 2018

Biometric Data Protection Laws and Litigation Strategies (Part One of Two)

Jan. 31, 2018

How to Make Data Work for You: A Conversation With a Law Firm’s Chief Data Analytics Officer and Its CISO

Jan. 17, 2018

How Blockchain Will Continue to Revolutionize the Private Funds Sector in 2018

Dec. 20, 2017

SEC Takes Aggressive Action Against Allegedly Fraudulent ICO

Dec. 6, 2017

Actions Under Biometric Privacy Laws Highlight Related Risks

Nov. 8, 2017

How to Mitigate the Risks of Open-Source Software (Part Two of Two)

Oct. 25, 2017

How to Mitigate the Risks of Open-Source Software (Part One of Two)

Oct. 25, 2017

How to Outsource Vulnerability Assessments to Hackers

Oct. 11, 2017

Lessons From the Equifax Breach on How to Bolster Incident Response Planning (Part Two of Two)

Oct. 11, 2017

Practical and Ethical Data-Protection Steps for Law Firms

Sep. 27, 2017

Lessons From the Equifax Breach on How to Bolster Incident Response Planning (Part One of Two)

Sep. 13, 2017

Negotiating an Effective Cloud Service Agreement

Sep. 13, 2017

Unlocking Encryption: An Attorney Weighs in on Balancing Security and Practicality (Part Three of Three)

Aug. 23, 2017

Unlocking Encryption: A CISO’s Perspective on Encryption As Only One Strategy (Part Two of Three)

Aug. 9, 2017

Overcoming the Challenges and Reaping the Benefits of Multi-Factor Authentication in the Financial Sector (Part Two of Two)

Aug. 9, 2017

Unlocking Encryption: A Consultant’s View on Navigating Encryption Options and Persuading Reluctant Organizations (Part One of Three)

Jul. 26, 2017

Overcoming the Challenges and Reaping the Benefits of Multi-Factor Authentication in the Financial Sector (Part One of Two)

Jul. 12, 2017

Blockchain and the Financial Services Industry: Potential Impediments to Its Eventual Adoption (Part Three of Three)

Jun. 28, 2017

How Financial Service Providers Can Use Blockchain to Improve Operations and Compliance (Part Two of Three)

Jun. 28, 2017

The Arc of the Deal: Tips for Cybersecurity Due Diligence Advisors in Mergers & Acquisitions From Beginning to End

Jun. 14, 2017

Basics of the Blockchain Technology and How the Financial Sector Is Currently Employing It (Part One of Three)

May 31, 2017

Advice on Incorporating Cybersecurity in eDiscovery

May 31, 2017

One Year Until GDPR Enforcement: Five Steps Companies Should Take Now

May 17, 2017

Investigative Realities: Working Effectively With Forensic Firms (Part Two of Two)

May 17, 2017

Tracking Data and Maximizing Its Potential

May 3, 2017

Investigative Realities: Working Effectively With Forensic Firms (Part One of Two)

Apr. 19, 2017

What In-House and Outside Counsel Need to Know About ACC’s First Model Cybersecurity Practices for Law Firms

Apr. 5, 2017

Proactive Steps to Prevent Legal Pitfalls in Bug Bounty Programs

Mar. 22, 2017

Forensic Firms: Effective Vetting and Collaboration (Part Three of Three)

Mar. 22, 2017

How to Establish and Manage a Successful Bug Bounty Program

Mar. 8, 2017

Forensic Firms: Key Contract Considerations and Terms (Part Two of Three)

Feb. 22, 2017

Forensic Firms: Understanding and Leveraging Their Expertise From the Start (Part One of Three)

Jan. 11, 2017

Tech Meets Legal Spotlight: Advice on Working With Information Security

Nov. 30, 2016

Tech Meets Legal Spotlight: What to Do When IT and Legal Slow the Retention of a Third-Party Vendor

Nov. 30, 2016

Exploring the New Frontier of International Regulations on Importing and Exporting Encryption Technology

Nov. 2, 2016

Guide to Getting Your Security Program Certified Under ISO 27001

Oct. 19, 2016

Finding the Best Ways to Secure Digital Transactions in a Mobile World

Aug. 24, 2016

Fulfilling the Ethical Duty of Technology Competence for Attorneys

Aug. 3, 2016

How Cyber Stakeholders Can Speak the Same Language (Part Two of Two)

Jul. 20, 2016

How Cyber Stakeholders Can Speak the Same Language (Part One of Two)

Jul. 6, 2016

Technology Leader Discusses How to Deal With the Growing Threat of Ransomware

Jun. 22, 2016

Assistant Attorney General Leslie Caldwell Addresses the Challenges of Cross-Border Cooperation and Electronic Evidence Gathering

Jun. 8, 2016

What CISOs Want Lawyers to Understand About Cybersecurity

May 11, 2016

Privacy Concerns in a Cashless Society

Apr. 27, 2016

A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: From Data Mapping to Evaluation (Part One of Three)

Apr. 13, 2016

Study Analyzes How Companies Can Overcome Cybersecurity Challenges and Create Business Value

Mar. 30, 2016

Steps for Companies to Take This Week, This Month and This Year to Meet the Challenges of International Cyberspace Governance

Mar. 30, 2016

How Law Firms Should Strengthen Cybersecurity to Protect Themselves and Their Clients

Oct. 28, 2015

Orrick Attorneys Explain California’s New Specific Standards for Breach Notification

Aug. 26, 2015

The Development of E-Currency and Its Potential Impact on the Future

Aug. 12, 2015

Surveys Find Internal and Third-Party Cybersecurity Risks Among Top Executive Concerns

Aug. 12, 2015

How the Hospitality Industry Confronts Cybersecurity Threats that Never Take Vacations

Jul. 29, 2015

Managing the Increased Individual Risks and Responsibilities of Compliance Officers

Jul. 15, 2015

The Challenge of Coordinating the Legal and Security Teams in the Current Cyber Landscape (Part Two of Two)

Jul. 15, 2015

Conflicting Views of Safety, Vulnerability and Privacy Fuel Encryption Debate

Jun. 17, 2015

The Advantages of Sending Data Up to the Cloud

Jun. 17, 2015

Sample Questions for Companies to Ask to Assess Their Law Firms’ Cybersecurity Environment

Jun. 3, 2015

Understanding and Addressing Cybersecurity Vulnerabilities at Law Firms: Strategies for Vendors, Lawyers and Clients

Jun. 3, 2015

How Companies Are Preparing for the Imminent Liability Shift for Counterfeit Credit Cards

Jun. 3, 2015

In a Candid Conversation, FBI Director James Comey Talks About the “Evil Layer Cake” of Cybersecurity Threats (Part One of Two)

Apr. 8, 2015

Ten Actions for Effective Data Risk Management

Most-Read Articles

Jul. 13, 2022
CPRA Draft Regulations: Essential Takeaways and 10 Actions to Take Now
- State Laws
Jul. 20, 2022
Looking Back on the Breach: Fundamentals of Preserving Privilege of Forensic Analyses in the Wake of a Data Breach
- Privilege
Jun. 15, 2022
New AI Rules: NYC First to Mandate Audit
- Artificial Intelligence
Jul. 13, 2022
New AI Rules: Five Compliance Takeaways
- Artificial Intelligence
Jul. 20, 2022
Employee Data Under the CPRA: Key Rights and Restrictions
- Employment

Webinar on Compliant International Data Transfers

Listen here to our discussion with our colleagues at Ethos Privacy, which took place on March 1, 2022, on how to approach international data transfer challenges.