The European Data Protection Board (EDPB) has issued its opinion on the European Commission’s draft adequacy decision for Brazil, marking a major step toward enabling free data flows between the EU and Brazil. The EDPB confirmed Brazil’s General Data Protection Law (LGPD) aligns closely with the EU GDPR but urged clarifications on Data Protection Impact Assessments, transparency limitations, onward transfers, and oversight of enforcement. Once adopted, the adequacy decision will simplify EU–Brazil data transfers and strengthen global cooperation in data protection and privacy compliance.

Vietnam’s Personal Data Protection Decree (PDPD) and forthcoming Personal Data Protection Law (PDPL) introduce stricter, GDPR-inspired data privacy rules. Businesses must now obtain clear, informed consent before processing personal data and comply with new security and cross-border transfer requirements. With enforcement led by the Ministry of Public Security, companies operating in Vietnam should update consent processes and privacy policies to meet the country’s fast-evolving data protection standards.

The FTC and seven states have sued Live Nation and Ticketmaster for deceptive ticket pricing and bot violations, alleging hidden fees, unfair resale practices, and violations of the FTC Act and BOTS Act. The case could reshape online ticketing transparency and enforcement of consumer protection laws nationwide.

The Algorithmic Accountability Act of 2025 introduces sweeping federal oversight of AI and automated decision-making. Businesses using high-risk AI systems must conduct impact assessments, address bias, and ensure transparency. Learn how this landmark legislation could reshape compliance, data governance, and risk management in the AI era.

The EU and South Korea have finalized a mutual adequacy decision, allowing personal data to flow freely between the two regions without additional legal hurdles. This landmark agreement strengthens digital trade, simplifies compliance for businesses, and sets a global standard for data protection and privacy.

California’s SB 361 significantly enhances data broker regulations under the California Delete Act, introducing stricter consumer data deletion deadlines, expanded disclosure requirements, and mandatory audits starting in 2028. This law targets data sharing with foreign governments and AI developers, emphasizing transparency, consumer trust, and national security. Learn how to prepare for CPPA compliance today.

On September 3, 2025, the EU’s General Court upheld the validity of the European Commission’s adequacy decision for the EU-U.S. Data Privacy Framework, rejecting a legal challenge that questioned the independence of U.S. oversight mechanisms and the legality of bulk data collection practices. The ruling provides continued legal certainty for transatlantic data transfers, though a potential appeal to the Court of Justice of the EU could bring the framework back under review. This article explores the background of the case, the Court’s reasoning, and what it means for businesses relying on the framework.

As China implements new regulations mandating the labeling of AI-generated content, major platforms like WeChat, Bilibili, and Xiaohongshu are rolling out tools to tag synthetic media. This article explores how these measures aim to enhance transparency, curb misinformation, and set a precedent for responsible AI governance. With implications for global tech policy and data privacy, China's approach offers valuable insights into the evolving relationship between AI, regulation, and public trust.

Congress has passed the bipartisan TAKE IT DOWN Act, aimed at combating AI-generated and non-consensual intimate imagery online. While praised as a major step against digital sexual abuse, the law raises serious concerns about free speech, due process, and platform liability. It bypasses Section 230 by using FTC enforcement authority, placing sweeping obligations on platforms to remove content within 48 hours. Privacy advocates warn that it may incentivize surveillance and undermine encryption protections.

Utah's Digital Choice Act gives users control over their data, allowing easy transfer and deletion across platforms. It requires tech companies to adopt open-source protocols, reducing monopolistic control over user information. This move could inspire similar data privacy reforms in other states

In today’s digital landscape “fake news” can go viral in minutes. While fake news is not a new phenomenon, what is new about it is the ease and speed at which it can be disseminated and spread to large audiences. The manufacturing of fake news causes a host of problems which stems from both a financial and ideological motivation. Most fake news is shared on social media platforms, such as Facebook, that fail to contain the spread of such misinformation, further exacerbating the problems discussed. While other countries have taken aggressive actions to stop the spread of fake news, the U.S. has been slow to embrace proactive regulatory measures as such regulation presents challenges. In addition to the public outcry on self-expression, lawmakers in the United States face a unique obstacle compared to other countries that have been able to pass aggressive laws: The First Amendment to the United States Constitution. Moreover, the enactment of Section 230 has been interpreted by the lower courts to provide a broad immunity that shields internet service providers, like Facebook, for defamatory fake news content posted on their sites. Therefore, this Article seeks to understand how and to what extent, if any, can fake news be regulated without violating the First Amendment.

Explore how the EU’s GDPR, through the real seat approach, is driving a “race to the top” in global corporate law and policies. This article examines GDPR’s extraterritorial impact, enforcement mechanisms, and influence on multinational companies, while highlighting the challenges and opportunities for global data privacy harmonization. Learn how GDPR compliance is transforming corporate practices across the U.S., Asia, South America, and beyond.

Discover why the U.S. needs a comprehensive federal data privacy law and how the EU’s GDPR can serve as a global benchmark. This article examines the flaws of America’s patchwork privacy framework, the rising costs of non-compliance for U.S. companies, and actionable steps for harmonizing privacy regulations to protect consumers and ensure global competitiveness.

Explore how U.S.-China trade tensions are reshaping global technology, digital infrastructure, and national security. This article examines the Clean Network Program, China’s Data Security Initiative, and why coordinated international standards are critical to prevent technological fragmentation and ensure global innovation.