Has your business assessed the below list of certain key privacy issues in 2025? The Morris, Manning & Martin Privacy team can answer questions or provide a free initial assessment for new or existing clients.
Artificial Intelligence Compliance – Are you using artificial intelligence in your business operations? Do you have AI embedded in the goods and services you offer customers? The regulatory framework applicable to AI continues to develop, including across US states and the European Union.
Data Brokering – An increasing number of states are regulating data ‘brokering’ activities, including requiring state registrations, notices, and detailed information security requirements. These laws can carry penalties that accrue daily for non-compliance. You may be in scope if you ingest data from third parties and make such data available to other parties for a fee or as part of your SaaS platform services.
Data Protection Impact Assessments – Certain states are now requiring businesses to conduct detailed impact assessments (known as DPIAs) when engaging in activities such as personal data sales, targeted advertising, “sensitive” data processing, or profiling.
International Data Transfers – If your business imports, stores, or accesses personal data in the US of overseas individuals, beware restrictions on such transfers. We can help assess applicable requirements (or overseas customer expectations) and can help with the development of standard contract terms or registration under the Data Privacy Framework.
State Comprehensive Privacy Laws – Have you assessed whether your business may be in scope of any of the 19+ states that have passed comprehensive privacy laws? If not, we have developed processes to efficiently assess and can help identify relevant requirements and compliance strategies.
Privacy Notices – Have you updated your privacy notice within the last year based on changes in state and other laws and/or operations? Many states now require an annual update.
Privacy Terms in Commercial Contracts – Have you updated your standard agreements in the past year? Do you have a form data protection addendum for your customers and/or vendors?
Web Tracking / Embedded Videos – Have you taken defensive measures in response to serious litigation risks around cookies, chatbots, screen captures, and embedded videos? Ordinary online tracking and marketing activity and use of embedded videos are generating millions of dollars of privacy demands from plaintiff’s attorneys for activity that you may consider simply ordinary business.
Messaging and Communications – Have you assessed text, email, and telephone call compliance with relevant laws such as TCPA, violations of which have resulted in class action lawsuits and statutory damages?
Governance – Do you have processes in place consistent with emerging standards to ensure regular review, reporting, audit and assessment of compliance across the organization? Solutions do not need to break the bank, but some formal processes should be in place.
MMM contacts:
- Michael Young, Partner, at myoung@mmmlaw.com or 404.495.8481
- Roy Hadley, Special Counsel, at rhadley@mmmlaw.com or 404.364.3179
- Beau Braswell, Senior Associate, at bbraswell@mmmlaw.com or 404.364.4574
The above information is provided by Morris, Manning & Martin, LLP for general information purposes only and does not constitute legal advice or establish an attorney-client relationship.
