We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Le 23 avril 2025, dans l’affaire Insurance Corporation of British Columbia v. Ari (décision disponible uniquement en anglais), la Cour d’appel de la Colombie-Britannique (la « CACB ») a confirmé une décision de première...more
On April 23, 2025, in Insurance Corporation of British Columbia v. Ari, the British Columbia Court of Appeal affirmed a class action judgment awarding aggregate damages of C$15,000 per class member without proof of...more
In InvestorCOM Inc. v. L’Anton, 2025 BCCA 40, the BC Court of Appeal upheld the chambers judge’s decision not to strike the plaintiff’s claim because of a parallel action in Ontario that also sought certification as a...more
In 2023, we discussed the uptick in data privacy and cybersecurity class action lawsuits; as expected, this trend has persisted throughout 2024 as plaintiffs continue to test new theories of liability and the boundaries of...more
In light of the continuing barrage of lawsuits brought under the Illinois Biometric Information Privacy Act (BIPA), companies should be able to rely on their general liability (GL) insurers to defend and indemnify them from...more
On April 29, 2024, the Supreme Court issued an Order List indicating that certiorari had been denied in Brinker International, Inc. v. Steinmetz, Docket No. 23-648. The Eleventh Circuit Brinker Decision - Brinker was...more
Courts and class action counsel have been considering what kinds of injuries can confer standing to pursue federal claims following the Supreme Court’s 2021 decision in TransUnion LLC v. Ramirez, which held that the...more
In a trilogy of rulings released on November 25, 2022, the Ontario Court of Appeal (“Court”) has ruled that the tort of intrusion upon seclusion cannot extend to companies that collect and store personal information and fall...more
The Ontario Court of Appeal recently ruled that an organization that fails to take adequate steps to safeguard personal information in its possession cannot be held liable under the tort of intrusion upon seclusion when that...more
The Third Circuit Court of Appeals has given new life to a putative class action suit led by a former employee of a company that suffered a ransomware attack, leading to her sensitive information being released onto the Dark...more
The Fourth Circuit dismissed an investor’s lawsuit against a hotel chain that had been subject to a data breach, ruling that the company had not made false or misleading public statements about its protection of customer...more
The Supreme Court of the United Kingdom has delivered its long-awaited decision in the case of Lloyd [2021] UKSC 50, rejecting an attempt to bring a representative claim for compensation for "loss of control" over personal...more
A federal appeals court recently addressed whether employees had standing to bring a lawsuit when their personally identifiable information (PII) was inadvertently circulated to other employees at the company, with no...more
On April 26, 2021, the Second Circuit Court of Appeals decided the case of McMorris v. Carlos Lopez & Assocs., No. 19-4310, 2021 WL 1603808 (2d Cir. Apr. 26, 2021) and addressed one of the most critical issues in private data...more
While more states push forward on new privacy legislation statutorily granting consumers the right to litigate control of their personal information, federal courts continue to ponder how data breach injury fits traditional...more
On February 4, 2021, the Eleventh Circuit became the latest federal court of appeals to weigh in on a question that has divided the circuits: whether a plaintiff has standing to sue in a data breach case based on an alleged...more
On February 4, 2021, the Eleventh Circuit Court of Appeals issued a critical opinion addressing Article III standing in private data breach actions, which has been the subject of a closely watched circuit split. The case,...more
In Tsao v. Captiva MVP Rest. Partners, LLC, No. 18-14959, 2021 WL 381948 (11th Cir. Feb. 4, 2021), Tsao brought a putative class action against PDQ - a restaurant chain that he purportedly patronized - following a data...more
A class action lawsuit filed against PayPal in connection with a breach it suffered in 2017 was dismissed recently because the plaintiffs did not adequately allege PayPal’s intent to deceive investors. The litigation began...more
Today’s decision by the Supreme Court to allow the appeal in WM Morrison Supermarkets plc v Various Claimants may on first glance look like a significant setback to privacy advocates. However, the court’s unanimous judgment...more
The decision to appeal a regulatory finding is never taken lightly. By the time a regulator has completed its investigation and notified a company of its intention to fine, the company will have invested significant time and...more
Report on Patient Privacy 20, no. 2 (February 2020) - A ruling from Georgia’s highest state court could set a precedent that determines recourse for victims of cyberattacks. The Georgia Supreme Court ruled in late December...more
While a war rages on the issue of standing in data breach cases, the need to prove damages is presenting an even greater hurdle for plaintiffs, as we have noted previously. One clear illustration of this trend is Attias v....more
We wrote recently about how the certiorari petition in Zappos.com, Inc. v. Stevens was a possible vehicle to put the question of standing in data breach cases back before the Supreme Court. Alas, the Court denied the...more
UK supermarket chain Morrisons has been held vicariously liable for the acts of a malicious employee in the UK’s first data leak class action. The issue began in 2014, when a disgruntled Morrison’s internal IT auditor posted...more