Perkins on Privacy
Privacy and Security related image, digital thumbprint

Perkins on Privacy

Perkins on Privacy keeps you informed about the latest developments in privacy and data security law. Our insights are provided by Perkins Coie's Privacy & Security practice, recognized by Chambers as a leading firm in the field. 
Business
December 4, 2025 Regulatory Enforcement Data Security Data Breach and Incident Response

SEC Dismisses Cyber Disclosure Case Against SolarWinds and CISO

Key Takeaways

 View blog post
Government Contracts, Privacy & Security
October 30, 2025 Data Security CCPA Regulatory Enforcement Privacy Compliance State Privacy Laws Data Breach and Incident Response Legislative Developments

Preparing for the California Cyber Audit Regulations

On September 23, 2025, the California Privacy Protection Agency confirmed that their cyber audit regulations will at long last go into effect on January 1, 2026. 

You can be forgiven for losing track since these were first proposed in September 2023, but now is the time to start considering how they will apply to your company and budgeting for that impact. 

 View blog post
Data Center
October 15, 2025 Data Breach and Incident Response Data Security Legislative Developments

2025 Breach Notification Law Update

State Updates, Security Mandates, and the Federal Regulatory Horizon

 View blog post
AI finger touch screen
September 5, 2025 Artificial Intelligence Regulatory Enforcement Consumer Protection

FTC Files New “AI Washing” Case

On August 25, 2025, the Federal Trade Commission filed a complaint against Air AI, alleging the company and its owners made overblown claims about the availability and capabilities of its artificial intelligence (AI) tools to replace human sales representatives, as well as deceptive claims about the busi

 View blog post
woman online shopping
July 24, 2025 Children’s Privacy Privacy Compliance State Privacy Laws Privacy Litigation Consumer Protection

Free Speech Coalition v. Paxton: What the Supreme Court’s Age Verification Decision Could Mean for All Websites—Not Just Adult Ones

On June 27, 2025, the United States Supreme Court weighed in on the ongoing debate about age verification requirements for websites, holding that it is constitutional for a state to require websites that have a significant portion of adult content to implement commercial age verification systems. 

 View blog post
Computer Lock Security
July 11, 2025 Content Moderation Online Safety ECPA

Another Take on the TAKE IT DOWN Act

The TAKE IT DOWN Act (the Act), enacted on May 19, 2025, is a powerful (and controversial) new tool designed to stop people from sharing “nonconsensual intimate imagery,” or NCII, online.

 View blog post
Phone Consumer
June 24, 2025 Consumer Protection Financial Privacy Legislative Developments

The Slow Death of the CFPB Open Banking Rule?

 On May 30, 2025, the Consumer Financial Protection Bureau (CFPB) stated in a court filing that its “Open Banking Rule” (Rule) issued during the Biden administration “is unlawful and should be set aside.” View blog post
woman typing on a cell phone
June 2, 2025 Content Moderation Privacy Compliance Privacy Litigation ECPA Online Safety

Can Providers Be Sued for Mistaken CSAM Reports? Maybe, Says New Ruling

Can a communications provider be held liable when it reports to the National Center for Missing and Exploited Children (NCMEC) an image the provider believes to be child sexual abuse material based on signals provided by NCMEC? 

 View blog post
Virtual Landscape
May 28, 2025 State Privacy Laws Children’s Privacy Consumer Protection Artificial Intelligence

Montana’s Consumer Data Privacy Law Update: SB 297’s Sweeping Changes at a Glance

 On May 8, 2025, Montana Governor Greg Gianforte signed Senate Bill 297 (SB 297) into law, significantly revising the existing Montana Consumer Data Privacy Act (MCDPA). View blog post
privacy shield
April 25, 2025 Regulatory Enforcement Federal Trade Commission Consumer Protection

FTC Enforcement Priorities Take Shape With Resource Cuts in Mind

Perkins Coie partner Janis Kestenbaum says the FTC is keeping the pressure on strong consumer protection enforcement despite the Trump administration’s deregulatory agenda.

 View blog post
bell on front desk at hotel
November 7, 2024 Regulatory Enforcement Data Security Data Breach and Incident Response Federal Trade Commission

FTC and State Coalition Settle Data Breach Cases with Marriott

 In 2018, Marriott announced a data breach affecting its Starwood reservation system, thought at the time to have affected up to 500 million people worldwide. These settlements arise from that incident, as well as two smaller incidents that also affected Starwood and Marriott. The FTC alleges these incidents exposed payment card information, unencrypted passport numbers, and loyalty account information, along with other information like names, dates of birth, and contact information. View blog post
Pillars of a courthouse
November 1, 2024 Marketing Consumer Protection

Supreme Court To Review FCC Authority Over Junk Faxes

 In what is shaping up to be an increasingly active term for judicial scrutiny of agency deference, the U.S. Supreme Court granted certiorari in McLaughlin Chiropractic Assoc. v. McKesson Corp., No. 23-1226 (U.S. Oct. 4, 2024)—a case which appears primed to address how much deference federal courts must give to agency interpretations of the law. View blog post
AI finger touch screen
September 30, 2024 Data Breach and Incident Response Data Security

2024 Breach Notification Law Update: Unique New State Obligations and Widespread New Federal Obligations

 Amid intense focus on AI and a flurry of consumer privacy law updates, legislative activity has continued to change data breach notification requirements in a variety of ways. Similar to 2023, a handful of changes to generally applicable state breach notification statutes were accompanied by steady sectoral activity at the state level and significant updates at the federal level, including new obligations from both the Federal Trade Commission (FTC) and the U.S. Securities and Exchange Commission (SEC). View blog post
Woman on a laptop
September 19, 2023 Data Security Data Breach and Incident Response

Updating Corporate and Cybersecurity Practices To Satisfy the SEC’s Final Cybersecurity Disclosure Rules: Assessing Materiality of Cybersecurity Incidents

 In the wake of the SEC's new rule requiring prompt disclosure of cybersecurity incidents, incident response (IR) teams have asked how they should modify IR plans to promote compliance with the new rule. View blog post
People sitting in front of a laptop
September 15, 2023 Content Moderation

Global Online Safety Regulators Issue Statement on Human Rights and Online Safety Regulation

The Global Online Safety Regulators Network (Network) issued a position statement on human rights and online safety regulation on September 13, 2023.

 View blog post
© 2025 Perkins Coie LLP