We get Privacy for work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
On 14 January 2025, the Home Office opened a public consultation (the "Consultation") on proposals seeking to address the growing threat and impact of ransomware in the UK. The UK Government details three specific proposals...more
The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more
On January 14, 2025, the UK government unveiled a proposed framework aimed at combating the rise of ransomware attacks by implementing a payment prevention and reporting regime. This would require companies to not only report...more
The Pensions Regulator (TPR) has published a regulatory intervention report outlining how they worked with Capita following a cyber incident last year (see our legal update), and detailing the key steps trustees should take...more
Last year proved to be a big year in data protection with U.S. state data protection laws popping up across the country, the FTC updating its guidance and regulations on everything from data breaches and biometric...more
I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more
Paying a cyber ransom will, allegedly, secure your data and give you back control of your systems. But there are legal, operational and ethical risks to consider....more
Editor’s Note: On February 15, 2023, HaystackID shared an educational webcast to provide valuable insight into the ways in which AI is being used to address key issues in the realm of privacy and cybersecurity. The expert...more
In this month’s Privacy & Cybersecurity Update, we analyze recent fines against Meta and their impact on the future of behavioral advertising, the timeline for the California Privacy Rights Act’s regulations to become...more
In this month’s Privacy & Cybersecurity Update, we examine the European Commission’s draft adequacy decision on the EU-U.S. Data Privacy Framework, as well as guidance from the U.K. Information Commissioner’s Office on...more
It is safe to say that Board members, CEOs and other key decision-makers everywhere, recognize the significance of cyber risk management and the heavy investment that initiatives in this field represent. Cyber risks in the...more
The crucial question that a company and its board will face if it suffers a cyber security breach is: "Had you taken reasonable steps to try to prevent a breach, and to prepare to handle any breach that occurred?" If the...more
In this episode of Life with GDPR, Jonathan Armstrong and I return to take a deep dive into class action litigation in the UK and EU around data privacy and data protection. We consider some issues in class action lawsuits...more
The decision of the UK Supreme Court in Lloyd v Google is a welcome relief for data controllers. However, is it the end of class actions for data breach?...more
The below is a brief summary of the judgment handed down in Lloyd v Google LLC [2021] UKSC 50 by the Supreme Court on November 10, 2021 as potentially one of the most significant and anticipated data privacy judgments to...more
Prospective Class Action Against Google is Stopped - Summary - The UK Supreme Court has handed down its much anticipated judgment in Lloyd v Google LLC. Google has successfully appealed against the Court of Appeal’s...more
On September 10, the U.K. government launched a consultation “Data: A New Direction” (Consultation), which proposes significant changes to the U.K.’s data protection framework. The U.K. government has signalled its...more
Cyber incidents have a serious regulatory and reputational impact, and increasingly form the subject of follow-on civil litigation. Such civil claims may be less financially attractive for claimants as a result of this case,...more
Since the General Data Protection Regulations ("GDPR") came into force in 2018, companies in the United Kingdom (UK) that have suffered cybersecurity attacks often face civil claims from individuals whose data has been...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
The end of the Brexit transition period is now upon us. Whilst the EU General Data Protection Regulation (EU GDPR) is retained in domestic law with minimal amendment, the so-called 'UK GDPR' has some key changes that...more
Hot on the heels of the £20 million fine issued to British Airways, the Information Commissioner’s Office (“ICO“) has issued Marriott International Inc. (“Marriott“) with a long-awaited penalty notice for its failure to...more
Few will have been surprised that, when the ICO eventually published details of the BA and Marriott fines, the final penalties were very much lower than the £183+ million and £99+ million proposed in the original notices of...more
On 30 October 2020, the UK’s data privacy regulator, the Information Commissioner’s Office (ICO) issued a final penalty notice (Penalty Notice) to fine the hotel chain Marriott International, Inc. (Marriott) for a GDPR data...more
The UK Information Commissioner’s Office (ICO) has recently handed down two of the largest fines relating to a data breach in UK history. In August 2018, British Airways (BA) was subject to a cyberattack which breached the...more