We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
On 10 June 2025, the new statutory tort for serious invasions of privacy came into force as part of a suite of privacy reforms passed last year, substantially enhancing privacy protections and signalling a material shift in...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
As 2024 came to a close, New York Gov. Hochul signed two bills (A8872A and S2376B) amending New York’s data breach law. The modifications change both what constitutes personal information under the law, as well as modifying...more
One of the main risks that a company faces after a data breach is a potential lawsuit. Plaintiffs often will allege creative statutory and common law theories of harm after they learn that their personal information has been...more
This post is part of a series of articles we are doing on 2023 data protection litigation trends. While the California Consumer Privacy Act (CCPA) is most known for its onerous privacy compliance obligations, the law also...more
Cybersecurity and data privacy risks continue to loom large with potentially significant consequences. Litigation, often filed soon after incidents, adds to the possible repercussions. In our previous article, we discussed a...more
Data breaches come in many different forms, sizes, and levels of complexity, but they tend to share certain key facts: A third-party bad actor—whether through a phishing attack, a ransomware attack, exploitation of a zero-day...more
In Insurance Corporation of British Columbia v. Ari, 2023 BCCA 331, the British Columbia Court of Appeal (BCCA) confirmed that an employer may be found vicariously liable when its employee violates of s. 1 of the province’s...more
Recent findings by the Office of the Privacy Commissioner of Canada (“OPC”) found that Home Depot of Canada Inc. (“Home Depot”) did not obtain valid meaningful consent to share summary purchase information with Meta Platforms...more
2023 is going to bring big changes to Pennsylvania’s Breach of Personal Information Notification Act. Although the revisions to the law do not go into effect until May 2, 2023, now is the time for Pennsylvania entities to...more
Takeaway: Ever since the U.S. Supreme Court ruled in Clapper v. Amnesty Int’l USA, 568 U.S. 398, 416 (2013), that plaintiffs “cannot manufacture standing merely by inflicting harm on themselves based on . . . hypothetical...more
On October 18, 2022, in Webb v. Injured Workers Pharmacy, LLC, the District of Massachusetts dismissed a class action complaint brought by former pharmacy patients alleging that their sensitive personal information had been...more
Early this week, a coalition of 40 attorneys general obtained two multistate settlements with Experian concerning data breaches it experienced in 2012 and 2015 that compromised the personal information of millions of...more
When a cybersecurity-related incident occurs, an insured should not automatically assume a standard commercial general liability (CGL) policy issued by an insurer will cover their losses, as CGL policies generally afford...more
Depuis le 22 septembre 2022, les entités du secteur privé exerçant des activités au Québec doivent aviser, avec diligence, la Commission d’accès à l’information (la « CAI ») de toute atteinte à la vie privée (soit un «...more
Hackers have increasingly focused on third-party vendors as avenues to data held by associated businesses. On August 25, 2022, DoorDash announced that it had experienced a data breach which impacted the personal...more
As of September 22, 2022, private-sector entities carrying on business in Quebec are required to notify Quebec’s Commission d’acces a l’information (CAI) and affected individuals of a privacy breach (referred to as a...more
The Third Circuit Court of Appeals has given new life to a putative class action suit led by a former employee of a company that suffered a ransomware attack, leading to her sensitive information being released onto the Dark...more
On January 1, 2020, the California Consumer Privacy Act (CCPA) became effective and created an array of protections for consumers regarding data privacy rights while creating business obligations related to the collection and...more
On February 2, 2022, the Massachusetts Legislature’s Joint Committee on Advanced Information Technology, the Internet and Cybersecurity released a new draft of a bill designed to provide mechanisms for how personal...more
On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more
In the recent and significant Warren v DSG Retail Ltd [2021] EWHC 2168 (QB) decision the High Court in England clarified the limited circumstances in which claims for breach of confidence, misuse of private information and...more
On June 16, 2021, the Connecticut General Assembly adopted an expanded version of Connecticut’s data breach notification statute (2021 CT H.B. 5310 (NS)). Through this expansion, Connecticut’s data breach notification statute...more
On June 16, and then on July 6, 2021, Connecticut Governor Ned Lamont signed into law a pair of bills that together address privacy and cybersecurity in the state....more