Data Privacy + Security Insider

Subscribe via RSS
Visit Blog

Blog Authors

Guest Contributor
Kevin Daly
Robinson+Cole's Data Privacy + Cybersecurity Team
Kathleen Dion
Jennifer Driscoll
Jennifer Driscoll
Conor Duffy
Linn Foster Freedman
Kathleen Healy
Daniel Lass
Sarah Mahon
Seth Orkand
Kathleen Porter
Kathryn Rattigan

Latest from Data Privacy + Security Insider

A federal judge has ruled that CNN must face a proposed class action alleging that its website shared consumers’ personal information with Microsoft and adtech firms without consent, in alleged violation of the California Invasion of Privacy Act (CIPA). The lawsuit challenges CNN’s alleged use of online tracking tools and the downstream sharing of data in the digital advertising ecosystem. 

According

On March 11, 2026, the Federal Trade Commission (FTC) announced an Advance Notice of Proposed Rulemaking (ANPRM) highlighting its Rule Concerning the Use of Prenotification Negative Option Plans, seeking comment on whether the rule should be amended or supplemented to better address deceptive or unfair negative option practices.

The FTC describes negative options as marketing

March was a busy month for former Black Basta affiliates who are using old social engineering techniques to target executives in the manufacturing, professional, scientific, and technical services industries. According to Reliaquest, the activity of the threat actors indicates that these sectors “were likely direct targets.”

According to its report, “Attackers are using automation

According to Security Week’s recent article, “Stolen Logins Are Fueling Everything from Ransomware to Nation-State Cyberattacks,” cybersecurity firm Ontinue’s 2H 2025 Threat Intelligence Report, showcases that “Attackers aren’t breaking in anymore, they’re logging in.”

According to Ontinue’s Report, in the second half of 2025, “identity became the primary attack surface.”  This means

California Governor Gavin Newsom issued a new executive order aimed at tightening California’s procurement rules for artificial intelligence (AI) vendors and “raising the bar” for companies that want to sell AI tools to the state. The administration says the goal is to ensure contractors meet strong standards and can demonstrate responsible policies that prevent misuse,

Minnesota Governor Tim Walz issued an emergency executive order on April 7, 2026, dispatching the Minnesota National Guard after Winona County requested assistance following a cyber attack disrupting its “critical systems and digital services.” The attack occurred on April 6, 2026, and is “significantly impairing the county’s ability to deliver vital emergency and municipal services.”

While California’s wiretapping statute, the California Invasion of Privacy Act (CIPA), tends to dominate the conversation about the recent rise in wiretapping litigation, plaintiffs are also turning to other states’ wiretapping laws to target web tracking and session-replay tools. The U.S. Court of Appeals for the Third Circuit recently held that a website visitor could