• |

    May 21, 2025

Texas AG’s Billion-Dollar Settlement With Google Highlights Biometric Data Use Compliance Considerations

Make room, Biometric Information Privacy Act. This month, the Texas AG used the state’s biometric law (CUBI) to help secure a $1.375‑billion settlement with Google, resolving two privacy complaints centered on the tech giant’s use of individuals’ biometric, geolocation and incognito-mode search data. CUBI allows $25,000 in damages per violation. The settlement, which echoes the billion-dollar settlement with Meta in 2024, highlights the AG’s broad interpretation of CUBI’s provisions. With insights from experts at Baker Botts, Blank Rome, Carter Ledyard & Milburn and Haynes & Boone, this article examines the circumstances surrounding the settlement, offers four biometric law compliance considerations, and discusses regulatory and litigation risk factors highlighted by the case. See “What Texas’ Record $1.4‑Billion Deal With Meta Portends for Biometric Data Capture and Use” (Aug. 21, 2024).

Update on Digital Governance in India and China

As the two largest economies in Asia, China and India have introduced, and continue to release, new laws and regulations concerning digital governance and trust, imposing comprehensive compliance requirements across data protection, privacy, cybersecurity and AI. Navigating challenges and finding practical solutions for compliance with those laws is essential for businesses. This article synthesizes insights offered during the IAPP Global Privacy Summit 2025 on China’s comprehensive regulatory regime, including its evolving approach to cross-border data transfers, India’s evolving data protection regime and ways for global organizations to navigate disparate local requirements. Speakers included attorneys from Dell Technologies, Persistent Systems, Volkswagen and Reed Smith. See “Navigating Recent Changes to China’s Data Privacy Laws in Internal Investigations” (Jun. 19, 2024).

Survey Finds Investment Managers Increasing Use of Alternative Data

As alternative data (alt data) becomes part of mainstream investing, investment professionals are seeking new data sources and enhanced analytical capabilities. A recent survey conducted by alt data platform BattleFin’s and its newly acquired alt data analytics platform, Exabel, assessed demand for alt data, data sources, key challenges associated with using alt data, resources, budgeting and management commitment to alt data. This article details the key findings from the BattleFin survey. See “AI Drives Rise in Private Funds’ Use of Alternative Data” (Mar. 20, 2024).

Former DHS Senior Official Joins Ropes & Gray’s Data, Privacy & Cybersecurity Practice

Ropes & Gray has welcomed Robert Silvers, former Under Secretary for Policy at the U.S. Department of Homeland Security, as co‑chair of the firm’s national security practice and a partner in its data, privacy & cybersecurity practice. He will be based in Washington, D.C., and Silicon Valley. For commentary from Silvers, see “Four Steps to Secure Open-Source Software After CSRB’s Log4j Investigation” (Sep. 7, 2022). For insights from Ropes & Gray, see our two-part series “DOJ Guidance on Bulk Sensitive Data Rules”: Enforcement Grace Period and Prohibited Transactions (May 7, 2025), and Compliance Program, Recordkeeping and Reporting (May 14, 2025).

Foley Welcomes Cybersecurity, Privacy and Technology Partner Duo to Chicago

Daniel Farris and Joe McClendon have joined Foley & Lardner as partners in the firm’s technology transactions, cybersecurity and privacy practice as well as its energy & infrastructure and innovative technology sectors in Chicago. The pair arrives from Norton Rose Fulbright. For commentary from Farris, see our three-part series on the keys to encryption: “Uses and Implementation Challenges” (Mar. 4, 2020), “Legal and Regulatory Framework” (Mar. 11, 2020), and “Effective Policies, Legal’s Role and Third Parties” (Mar. 18, 2020). For insights from Foley, see “Cyber Risks in Aviation: Navigating Turbulent Skies Ahead” (Mar. 22, 2023); and “Drafting Data and Cybersecurity Provisions in Third-Party Vendor Agreements” (Mar. 30, 2022).

Most-Read Articles

Women to Watch: Contributions, Achievements and Observations of Outstanding Female Professionals

To mark International Women’s Day, women editors and reporters at ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Law Report Group editors Jill Abitbol, Robin L. Barton and Megan Zwiebel profile notable women in data privacy, cybersecurity, private funds and anti-corruption law, including Anne-Gabrielle Haie, Jessica Lee, Micaela McMurrough, Laura Perkins, Amanda Raad, Madelyn Calabrese, Ranah Esmaili and Genna Garver. Enjoy reading their inspiring remarks here.

Celebrating Data Privacy Day 2025

Read the full brief here.

Cybersecurity Awareness Month

Read the full brief here.

Spotlight on Trailblazing Women

To mark International Women’s Day 2024, women editors and reporters of ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Jill Abitbol, Managing Editor of the Cybersecurity Law Report and Anti-Corruption Report, features notable women in data privacy, cybersecurity, white collar defense, compliance and anti-corruption law, including Christina Montgomery, Leslie Shanklin, Palmina Fava, Alexandra Ross and Lucinda Low. Enjoy reading their inspiring remarks here.

We Celebrate Data Privacy Day 2024

Read the full brief here.

Spotlight on Trailblazing Women

In honor of International Women’s Day, some of ION Analytics' editorial teams led by women interviewed notable women in the markets and industries we cover. In this part, the Cybersecurity Law Report highlighted notable women in compliance and hedge fund, data privacy and cybersecurity, and anti-corruption law, including Amii Barnard-Bahn, Abigail Bell, Genna Garver, Jane Horvath, Barbara Li, Amy Mushahwar, Mara Senn and Carol Widger. The interviews are here.

 

 

 

Webinar on Compliant International Data Transfers

Listen here to our discussion with our colleagues at Ethos Privacy, which took place on March 1, 2022, on how to approach international data transfer challenges. 

Webinar on Getting a Handle on Vendor Contracts

A recording of the March 10 webinar can be accessed here

Cybersecurity Resolutions for 2021

In this quick take video, we talk about some of our cybersecurity resolutions for 2021.

Facial Recognition Concerns

In this short video, we discuss the privacy and bias concerns with facial recognition technology.

Planning for the Return to Work 

We discuss a few return-to-work privacy issues in this short video.

ACR and CSLR Spring Update 2020

The Senior Editors of the Anti-Corruption Report and the Cybersecurity Law Report recently teamed up to present an update on the trends and hot topics in the anti-corruption, cybersecurity and data privacy spaces since the beginning of the year and what the publications will be focusing on in the coming months. A complimentary download of the webinar is available here.

Upcoming Webinar: Companywide Work From Home - Cybersecurity and Privacy Best Practices

Please join us on Monday, March 23, 2020, from 12:00 p.m.- 12:30 p.m. EDT for a complimentary webinar discussing the cybersecurity and privacy challenges the shift to remote working has created and how to overcome them. Registration information for the webinar is here

Upcoming Webinar to Explore Best Practices for Alternative Data Use

Please join us on Wednesday, January 15, 2020, at 11:00 a.m. EST for a complimentary webinar hosted by our sister publication, the Hedge Fund Law Report, discussing issues relating to the use of alternative data by private fund managers. To register for the webinar, click here.

Upcoming HFLR/CSLR Webinar to Explore Strategies and Tactics for Conducting an Effective Tabletop Exercise

Please join the Hedge Fund Law Report and the Cybersecurity Law Report on Tuesday, July 30, 2019, at 1:00 p.m. ET for a complimentary webinar discussing the strategies and tactics companies can employ to conduct an effective tabletop exercise. GCs and CCOs are encouraged to invite their CISOs and CTOs to join as well. The webinar will be moderated by Shaw Horton, Associate Editor of the Hedge Fund Law Report, and will feature Luke Dembosky, partner at Debevoise, John “Four” Flynn, chief information security officer at Uber, and Jill Abitbol, Senior Editor of the Cybersecurity Law Report. Registration for the webinar is available here.

Anti-Corruption Webinar: How HPE Is Using Its New T&E Tool to Generate Compliance Metrics

Measuring the effectiveness of a compliance program can be tricky, but some companies are finding ways to use their existing internal controls to generate useful data. Join our sister publication the Anti-Corruption Report (ACR) for a complimentary webinar that explores Hewlett Packard Enterprises’ new travel-and-entertainment-approval tool. On Wednesday, March 27, 2019, from 1:00 p.m. to 2:00 p.m. EDT, the ACR’s Megan Zwiebel will interview Becky Rohr, vice-president of anti-corruption and global trade at Hewlett Packard Enterprises, about how they are using their T&E tool to measure and improve compliance. Registration information is here.