In a recent webinar, we gave practical recommendations for those non-US companies who are looking to expand their US operations. We are thrilled to announce publication of a white paper, which summarizes the recommendations from our webinar. In it, we provide an overview of the US’s patchwork approach to regulating privacy.
We designed this guide to help non‑US entities prioritize their compliance efforts. We walk through sector-specific risks (like healthcare, kids’ use of social media, and government contracting), activity-specific risks (such as tracking technologies and vendor management), and practical strategies for building a flexible, principle-based compliance framework. Rather than advocating generic and impractical approaches, we focus practical strategies. From programs based on core principles, to cross‑functional collaboration, we suggest change‑management concepts that can help navigate the US environment.
Putting it into practice: This guide can help non‑US organizations navigate what we anticipate will be an increasingly confusing and complex privacy and cybersecurity landscape in the United States in 2026, and potentially beyond.