Data Privacy

Hintze & Partners Recognized by Chambers in 2025 USA Rankings

Hintze Law PLLC is delighted to announce the Chambers & Partners recognition of Susan Hintze, Mike Hintze, Sam Castic, and Mason Fitch in its USA Guide 2025. These recognitions include the firm’s sixth year being nationally ranked in Privacy and Data Security, and third year in Privacy & Data Security: Healthcare.

Susan Hintze, co-managing partner, and Mike Hintze, partner, have been recognized for their privacy and data security law expertise for seven years by Chambers & Partners. This is the first year Sam Castic, partner, and Mason Fitch, senior associate, have been ranked by Chambers & Partners.

Sam Castic is a partner with Hintze Law, chair of the firm’s Retail Group, and co-chair of the Cybersecurity and Breach Response Group and FinTech + Financial Services Group. As a former chief privacy officer, he helps companies build, scale, and right-size privacy programs and strategies. In Chambers’ review, clients are quoted, praising Sam’s “technical levels of expertise that impress the engineers as well as being hyper-focused on all applicable legislation.” Sam is known amongst clients for being “practical, knowledgeable and easy to work with,” and his “dead on and practical” advice that “provides exactly the right amount of awareness you need.” Clients also commended Sam’s “great expertise in the financial privacy space.”

Mason Fitch is a senior associate and a member of the firm’s Health & Biotech Team. Mason’s significant in-house experience allows him to provide clients with practical, actionable advice. This is his first year being recognized by Chambers & Partners as an Associate to Watch in the 2025 USA Guide—Healthcare: Texas. Mason’s clients praise his “excellent knowledge of the industry and where the industry is going,” and for “provid[ing] practical advice.” Clients also told Chambers & Partners that “Mason is great to work with and fully delivers what we need him to.”

Hintze Law’s Health & Biotech Team has been recognized by Chambers & Partners for three years. Led by Hintze Law partner Kate Black, the team is comprised of “experts who are in-house experienced advisors, able to distil complex matters into tangible and proportionate steps.” This team works with biotechnology, medical device, digital health, and consumer wellness companies, as well as data analytics and machine learning platforms that work with health information. The dedication and expertise the health & biotech team provides to clients makes Hintze Law a perfect “one-stop shop for tech companies.”

Susan and Mike have been recognized in the 2025 edition of Chambers & Partners in the Privacy & Data Security: Privacy area. Susan has a reputation for her “impeccable ability to explain the details of the law” and "her experience across a range of companies, keen awareness of the regulatory environment, and ability to distil complex topics into guidance.

Mike was also ranked for his work in Privacy & Data Security: Adtech. This is his second year being recognized in this area of expertise and clients’ praise. “Mike's extensive experience in-house ... makes his counsel not only expert but practical, risk-based, and actionable. He isn't afraid to weigh in and say what he would do in my shoes." Mike is now recognized in the Band 1 rankings of Chambers & Partners.

Chambers ranking bands are a way of organizing and recognizing law firms and individual lawyers based on their performance and reputation, with Band 1 representing the highest tier. Being ranked in any band is a significant achievement, as it indicates that the firm or individual has demonstrated strong technical legal ability, professional conduct, client service, and other qualities valued by clients.

Hintze Law’s lawyers work exclusively on privacy, cybersecurity, and AI issues. The firm is pleased to be recognized by Chambers & Partners as an Elite Law Firm for Privacy and Data Security.

Founded in 2014, Hintze Law has been honored to receive accolades showcasing the firm’s expertise and client service on privacy, data security, and AI matters. The firm and lawyers have been ranked for years by peers and colleagues as among the top legal professionals in privacy. Achievements include recognition in Chambers’ Global & USA Privacy and Data Security rankings, the Legal 500’s U.S. Cyberlaw rankings, Best Law Firms local and national rankings, and Global Data Review’s GDR 100 as one of the world’s best data law firms.

Hintze Law PLLC is a Chambers-ranked and Legal 500-recognized, boutique law firm that provides counseling exclusively on global privacy, data security, and AI law. Its attorneys and data consultants support technology, ecommerce, advertising, media, retail, healthcare, and mobile companies, organizations, and industry associations in all aspects of privacy, data security, and AI law.

State Privacy Regulators Announce Formation of Collaboratory Consortium

State Privacy Regulators Announce Formation of Collaboratory Consortium

by Felicity Slater and Susan Hintze

On April 16, 2025, the California Privacy Protection Agency (CPPA) and state Attorneys General from California, Colorado, Connecticut, Delaware, Indiana, New Jersey, and Oregon announced the formation of the bipartisan "Consortium of Privacy Regulators." The focus of the Consortium will be to foster multi-state coordination, including sharing of expertise and resources, in investigation of potential violations of and enforcement of their state's respective comprehensive privacy laws.

Read More

Takeaways From the New DOJ Guidance on Its Cross-Border Data Rule

Takeaways From the New DOJ Guidance on Its Cross-Border Data Rule

By Sam Castic

On Friday April 11, 2025, the DOJ released a Compliance Guide and more than 100 FAQs on the Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons Rule (the “DOJ Rule”).  It also released an Implementation and Enforcement Policy, which indicates it will not prioritize enforcement against companies making good faith efforts to comply until July 8, 2025. 

Read More

Virginia Governor Signs Reproductive Health Data Restrictions into Law

Virginia Governor Signs Reproductive Health Data Restrictions into Law

by Cameron Cantrell and Felicity Slater 

On March 24, 2025, Governor Youngkin (R) of Virginia signed SB 754—which amends the Virginia Consumer Protection Act (VCPA) to restrict the collection and processing of “reproductive or sexual health information” and is enforceable through a private right of action—into law. The law will take effect July 1, 2025. 

Read More

French Competition Authority Fines Apple €150M Alleging Market Power Abuse of Ad Privacy System

French Competition Authority Fines Apple €150M Alleging Market Power Abuse of Ad Privacy System

By Susan Hintze and Hansenard Piou 

Note that the Autorité has not yet been published the decision in question as it is in process of redacting information relating to trade secrets. Please check back for updates. 

Read More
Don’t Sleep on Maryland: The Maryland Online Data Privacy Act Will Keep Health and Wellness Companies Up at Night — Hintze

Hintze & Partners Recognized by Chambers in 2025 Global Rankings

Hintze & Partners Recognized by Chambers in 2025 Global Rankings

Hintze Law and its lawyers have once again been recognized in Chambers & Partners for expertise in Privacy and Data Security in the 2025 Chambers Global Guide. These recognitions include Hintze Law’s fifth year being ranked as an Elite Law Firm for Privacy and Data Security as well as the firm’s second year receiving recognition for Privacy and Data Security: Healthcare.

Read More

Final COPPA Rule Amendments: Definitional Changes

Final COPPA Rule Amendments: Definitional Changes

By Susan Hintze, Emily Litka, and Amy Lanchester 

This is Part 2 in a series of blog posts about the 2025 COPPA Final Rule. It provides a comprehensive review of the revised definitional changes to the Rule.  Subsequent posts in the coming days will delve more deeply into the direct and online notice, parental consent, and data governance requirements. Our unofficial redlined copy of the Final Rule can be found here.

Read More
Don’t Sleep on Maryland: The Maryland Online Data Privacy Act Will Keep Health and Wellness Companies Up at Night — Hintze

The FTC Issues Final COPPA Rule Amendment

The FTC Issues Final COPPA Rule Amendment

By Susan Hintze and Emily Litka

This is Part 1 in a series of blog posts about the 2025 COPPA Final Rule. It provides a high-level overview of the Final Rule. Subsequent posts in the coming days will delve more deeply into individual aspects of the Final Rule and FTC comments, the issues raised, and implications for specific industry sectors.Our unofficial redlined copy of the Final Rule can be found here.

Read More
Don’t Sleep on Maryland: The Maryland Online Data Privacy Act Will Keep Health and Wellness Companies Up at Night — Hintze

In ‘Holy Redeemer’ Settlement Agreement, OCR Continues to Prioritize Privacy Protections for Reproductive Health Information

In ‘Holy Redeemer’ Settlement Agreement, OCR Continues to Prioritize Privacy Protections for Reproductive Health Information

by Felicity Slater and Kate Black

On November 26, 2024, the Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) announced a resolution agreement and corrective plan with Pennsylvania’s Holy Redeemer Hospital (Holy Redeemer). The agreement settles OCR’s claim that Holy Redeemer disclosed a patient’s protected health information (PHI)—including intimate reproductive health details—without a permissible purpose or valid authorization from the patient in violation of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule

Read More

A Last-Minute Push for a Reproductive Health Privacy Law in Michigan

A Last-Minute Push for a Reproductive Health Privacy Law in Michigan

By Mike Hintze and Felicity Slater 

On November 7, 2024, the Michigan legislature introduced Senate Bill 1082 / House Bill 6077, the Reproductive Data Privacy Act (the “RDPA” or the “act”). The act was introduced in the aftermath of the 2024 election cycle as Michigan Democrats brace to lose control of the House in 2025. At a hearing in the Senate Committee on Housing and Human Services, lawmakers backing the RDPA expressed a hope to pass the act before the year’s end. 

Read More

Hintze Law PLLC Recognized in 2025’s Best Law Firm Rankings

Hintze Law PLLC Recognized in 2025’s Best Law Firm Rankings

We are pleased to share that Hintze Law has been recognized for excellence in Information Technology Law and Technology Law in the 2025 edition Best Law Firms® rankings. The firm has been ranked in these areas both nationally and in the Seattle area.  

Read More

California Enacts "genAI" Laws That Introduce New Privacy and Transparency Requirements, Amongst Others 

California Enacts "genAI" Laws That Introduce New Privacy and Transparency Requirements, Amongst Others 

By Emily Litka

In September 2024, California Governor Gavin Newsome signed a number of new generative AI (“genAI”) bills into law. These laws address risks associated with deepfakes, training dataset transparency, use of genAI in healthcare settings, privacy, and AI literacy in schools. California is the first US state to enact such sweeping genAI regulations.

Read More

FTC Introduces Novel Ban in Its Settlement with NGL Labs and Scrutinizes AI Representations

By Emily Litka

On July 9, 2024, The Federal Trade Commission (FTC) and the Los Angeles District Attorney’s Office (LA DA) reached a settlement with NGL Labs, the maker of the “NGL: ask me anything” app and its co-founders. The complaint alleged violations of the Federal Trade Commission Act (FTC Act), the Children’s Online Privacy Protection Act (COPPA), the Restore Online Shoppers’ Confidence Act (ROSCA), and similar California state laws. In the complaint, the FTC and LA DA also brought claims against NGL’s cofounders individually. 

Read More