We get Privacy for work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
On May 21, 2025, the Federal Trade Commission (FTC) finalized a consent order with GoDaddy to settle allegations that the web hosting company misled customers and failed to implement basic data security protections. Although...more
Our Consumer Protection/FTC and Privacy, Cyber & Data Strategy teams unpack Starwood Hotels’ and Marriott International’s settlements with the Federal Trade Commission and Marriott’s settlement with state attorneys general...more
Enforcement of data privacy laws across the US is in full force. Most recently, Marriott agreed to a $52 million settlement payment to 50 states, including $3.5 million to the State of Texas, following a data breach of 131...more
On April 21, 2022, the United States Court of Appeals for the Fourth Circuit affirmed the dismissal by the United States District Court for the District of Maryland of allegations that Marriott International had violated...more
The Fourth Circuit dismissed an investor’s lawsuit against a hotel chain that had been subject to a data breach, ruling that the company had not made false or misleading public statements about its protection of customer...more
Investors filed a derivative suit claiming that the company knew about, and failed to mitigate known, existing cybersecurity risks and shortfalls prior to the security breach. In early November, pension funds and...more
After the California Consumer Privacy Act (CCPA) took effect on January 1, 2020, a surge of class action lawsuits predicated on alleged CCPA violations hit businesses. Because of the act’s novelty, it was unclear whether...more
Marriott recently won dismissal of a proposed class action data breach lawsuit alleging several violations, including a violation of the California Consumer Privacy Act (CCPA). The case, Arifur Rahman v. Marriott...more
On January 12, 2021, the federal District Court for the Central District of California dismissed a data breach law suit—including a claim filed under the California Consumer Privacy Act (“CCPA”)—against Marriott...more
Hot on the heels of the £20 million fine issued to British Airways, the Information Commissioner’s Office (“ICO“) has issued Marriott International Inc. (“Marriott“) with a long-awaited penalty notice for its failure to...more
Few will have been surprised that, when the ICO eventually published details of the BA and Marriott fines, the final penalties were very much lower than the £183+ million and £99+ million proposed in the original notices of...more
On 30 October 2020, the UK’s data privacy regulator, the Information Commissioner’s Office (ICO) issued a final penalty notice (Penalty Notice) to fine the hotel chain Marriott International, Inc. (Marriott) for a GDPR data...more
The UK Information Commissioner’s Office (ICO) has recently handed down two of the largest fines relating to a data breach in UK history. In August 2018, British Airways (BA) was subject to a cyberattack which breached the...more
On Oct. 30, 2020, the United Kingdom’s data protection authority, the Information Commissioner’s Office (ICO), in connection with France’s Commission nationale de l’informatique et des libertés (CNIL), announced the largest...more
On February 21, the District of Maryland held that consumers had standing to assert claims arising from the historic data breach that hit Marriott in 2018, but the court dismissed the plaintiffs’ claim for negligence under...more
The decision to appeal a regulatory finding is never taken lightly. By the time a regulator has completed its investigation and notified a company of its intention to fine, the company will have invested significant time and...more
States Consider Privacy and Data Security Legislation - It’s that time of year again, when we see a flood of legislative activity at the state level on privacy and data security laws. A couple of recent examples are below....more
With it being Halloween, October being National Cybersecurity Awareness Month, and 2019 drawing to an end, let’s take a look at the data privacy breaches giving compliance professionals a fright this year! ...more
While GDPR has been active as a regulation since May 2018, the first fines have just started to hit companies for data breaches. Announced by the ICO on July 8 2019, they intend to fine British Airways £183.39 million for...more
Hong Kong-based Cathay Pacific Airways CEO Rupert Hogg has resigned in order to “take responsibility” a week “after the carrier was rebuked by China for staff involvement in the anti-Beijing protests rocking Hong Kong.” Hogg...more
On 9 July 2019 the UK data protection authority (ICO) updated its Data Sharing Code of Practice (first published in 2011) (Code). On the same day, the ICO also announced its intention to fine Marriott International just over...more
The UK Supervisory Authority (the ICO) has had a headline-busting month. On July 9, 2019, the ICO announced its intention to fine Marriott International more than £99 million under the GDPR (General Data Protection...more
When prospective buyers conduct legal due diligence in merger and acquisition transactions the main focus is typically on the traditional items, such as financials, debt instruments, major contracts and other key metrics...more
GDPR fines are seemingly like buses, you wait over a year for enforcement action by the UK’s data supervisory authority, the ICO, and then two come along at once – and with quite dramatic effect. The ICO has stretched its...more
British Data Protection Authority Flexes GDPR Enforcement Muscles - No longer is the bark of sanctions for lax data protection practices worse than its bite. The Information Commissioner’s Office (ICO)—the United Kingdom's...more