The IAPP just updated its chart outlining the state data breach notification laws in the United States. Some interesting comparisons and observations emerge. Sending notices to consumers when their ...

The IAPP is policy neutral. We publish contributed opinion pieces to enable our members to hear a broad spectrum of views in our domains. March ends with the beginning of the next stage in the ...

Brazil's Superior Court of Justice ruled credit protection may justify internal risk analysis, but it does not automatically authorize credit bureaus to share identifiable consumer data with third ...

In 2023, German-based family run optician Brillen Rottler claimed it was unknowingly targeted by an individual who "systematically and abusively" made requests for access to his personal data "for the ...

Cybersecurity law is no longer treated as a purely technical compliance exercise, but increasingly as a matter of enterprise risk management and corporate governance. The goals are straightforward: ...

Cybersecurity implicates many aspects of corporate and governmental operations, engaging senior management, boards of directors, corporate counsel, outside counsel and policymakers at all levels of ...

The California 2025-2026 legislative session was adjourned for 2025, with 12 Oct. 2025 marking the final day for Governor Gavin Newsom to sign or veto bills. Lawmakers introduced at least 33 bills ...

India has officially enforced implemented its Digital Personal Data Protection Act and Rules on 13 November 2025, giving a deadline of 18 months for companies to comply to the act. This marks a ...

Editor's note: The IAPP is policy neutral. We publish contributed and analysis pieces to enable our members to hear a broad spectrum of views in our domains. As children go online at younger ages and ...

This article is part of a series on global AI governance law and policy. Japan's approach to an artificial intelligence policy is both unique and strategically nuanced. While firmly committed to the ...

This article is part of a series on global AI governance law and policy. Australia's artificial intelligence regulatory journey has shifted from an early plan to introduce an EU-style, risk-based ...

The trend towards risk-based artificial intelligence legislation seems to have turned on its head. Instead of, or in addition to, focusing on managing risks to consumers, policymakers are trending to ...