• |

    Oct. 22, 2025

How to Create a Program to Combat Deepfakes

Deepfakes are not just another cybersecurity risk. They can strike at the heart of corporate credibility and undermine everyday business interactions. AI-based detection tech is improving and may help combat the threat, but is untested. Thus, a comprehensive program is needed to strengthen defenses and the response. With insights and recommendations from practitioners at Baker Donelson, DeleteMe, Fisher Phillips and Gartner, this article provides a detailed framework for mitigating deepfake risk and presents pitfalls to avoid in the battle against this pervasive fraud. See “Navigating the Patchwork of Federal and State AI Deepfake Laws” (Oct. 8, 2025).

CPPA’s Tractor Supply Decision Offers Lessons As Enforcement Focus Moves From Education to Deterrence

The California Privacy Protection Agency (CPPA), in its recent landmark decision against national rural lifestyle retailer Tractor Supply Company, imposed the largest fine in the agency’s history and marked its first case addressing privacy notices and rights for job applicants. The action contains important compliance insights for all U.S. companies, not exclusively for those operating in California. This article discusses the implications of the Tractor Supply decision, including its signaling of the CPPA’s enforcement focus, guidance on responding to regulators and practical lessons for privacy compliance, featuring perspectives from enforcement specialists at Frankfurt Kurnit, IAB, Kelley Drye, Manatt, Phelps & Phillips, and Squire Patton Boggs. See “Cookie Compliance Lessons From the Todd Snyder Settlement” (Jun. 11, 2025).

Integrating AI Into the Five Stages of an Investigation

As generative AI tools become readily available to investigating teams, they are being leveraged to realize efficiencies when moving through the stages of an internal investigation. This article, distilling insights shared by compliance officers and investigators at UnitedHealth Group, National Grid, ITT Inc. and PricewaterhouseCoopers during a panel at the Society for Corporate Compliance and Ethics’ Compliance & Ethics Institute, provides tips on how to manage the investigation lifecycle while employing AI tools. See “Assessing and Managing AI’s Transformation of Cybersecurity in 2025” (Mar. 19, 2025).

Former Illinois Privacy Chief Joins BakerHostetler in Chicago

BakerHostetler has welcomed Matthew Van Hise as a partner in the digital assets and data management practice group, and a member of the firm’s digital risk advisory and cybersecurity team in Chicago. He arrives from the Illinois AG’s Office, where he served as CPO, Assistant AG and Chief of the Privacy and Data Security Unit. For commentary from Van Hise, see “State AGs Share Breach Notification Tips and Latest Enforcement Concerns” (Jun. 9, 2021). For insights from BakerHostetler, see “Saddling Up for Montana’s Broad Privacy Law Update” (Jun. 4, 2025); and “Nine Cybersecurity Resolutions for 2025” (Jan. 22, 2025).

Most-Read Articles

Women to Watch: Contributions, Achievements and Observations of Outstanding Female Professionals

To mark International Women’s Day, women editors and reporters at ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Law Report Group editors Jill Abitbol, Robin L. Barton and Megan Zwiebel profile notable women in data privacy, cybersecurity, private funds and anti-corruption law, including Anne-Gabrielle Haie, Jessica Lee, Micaela McMurrough, Laura Perkins, Amanda Raad, Madelyn Calabrese, Ranah Esmaili and Genna Garver. Enjoy reading their inspiring remarks here.

Celebrating Data Privacy Day 2025

Read the full brief here.

Cybersecurity Awareness Month

Read the full brief here.