We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
The growing prevalence of data breaches has led to an uptick in class action litigation based on consumers' personal information allegedly being accessed. A common theme emerging in these lawsuits is plaintiffs claiming that...more
Class actions arising from data breach represented the fastest growing segment of class action filings. In 2023, more than 2000 class actions were filed, more than triple the amount filed in 2022. These cases were filed in...more
The law can be funny. Not in a comedic way, but in a way that defies expectations about what is needed to bring a cause of action. Sometimes this is manifested in the quantum of evidence needed to bring an action and survive...more
On June 30, the U.S. Court of Appeals for the First Circuit overruled a district court’s dismissal of a putative class action against a home delivery pharmacy service for allegedly failing to prevent a 2021 data breach that...more
Takeaway: Ever since the U.S. Supreme Court ruled in Clapper v. Amnesty Int’l USA, 568 U.S. 398, 416 (2013), that plaintiffs “cannot manufacture standing merely by inflicting harm on themselves based on . . . hypothetical...more
Takeaway: We have written a number of articles about the kinds of intangible injuries that confer Article III standing in the data breach and credit reporting contexts. See Data breach class actions: Southern District of...more
The Third Circuit Court of Appeals has given new life to a putative class action suit led by a former employee of a company that suffered a ransomware attack, leading to her sensitive information being released onto the Dark...more
Takeaway: In a prior article, we reported on the Second Circuit’s decision in McMorris v. Carlos Lopez & Associates, LLC, 995 F.3d 295 (2d Cir. 2021), in which the court, ruling on an issue of first impression, set out a...more
Takeaway: In the wake of a data breach, a class of Plaintiffs whose personal and/or financial information is disseminated to third parties all share the same concern – the risk of future harm. But in order for these...more
In a data breach lawsuit, a plaintiff will sue a company that suffered a data breach in which the plaintiff’s personal information was stolen by cyberattackers. The plaintiff will claim that the breach has exposed the...more
Despite the much-anticipated impact of TransUnion LLC v. Ramirez (“Ramirez”), the Supreme Court decision has not prevented data breach and privacy class actions from proceeding past the pleading stage in federal courts across...more
The Supreme Court’s June 2021 decision in TransUnion LLC v. Ramirez led many to believe that data breach plaintiffs were going to have a difficult time establishing standing. After all, the Court suggested that exposure to...more
On June 25, the Supreme Court held in a 5-4 decision that Article III prohibits certification of a class and a damages award where the majority of class members lack actual injury. In TransUnion v. Ramirez, the Ninth Circuit...more
The Central District of California recently dismissed a data breach class action for lack of standing, notwithstanding evidence that the stolen data of 40 million consumers had allegedly been offered for sale on the dark web....more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - President Biden Issues Cybersecurity Executive Order - On May 12, 2021, President Biden issued an executive order that placed new standards on the...more
Corporate defendants besieged by proliferating bet-the-company privacy and consumer class action lawsuits recently scored a victory in the US Supreme Court with implications for data breach victims. Originally published in...more
We previously wrote about the proposed class action lawsuit against Canon USA Inc. that resulted from a data breach of former and current employees’ personal information. This week, Canon argued in New York federal court that...more
Instead of identifying traditionally “tangible” injuries, data breach plaintiffs typically point to the fact that they may be the victim of identity theft at some point in the future. Prior to late April 2021, the federal...more
Takeaway: Since the U.S. Supreme Court addressed the issue of standing based on allegations of possible future injury in Clapper v. Amnesty International USA, 568 U.S. 398 (2013), the courts of appeals have addressed this...more
In McMorris v. Carlos Lopez & Associates, LLC, a data breach case, the Second Circuit held that plaintiffs may demonstrate standing based on a theory of “increased risk” of future identity theft or fraud following an...more
A federal appeals court recently addressed whether employees had standing to bring a lawsuit when their personally identifiable information (PII) was inadvertently circulated to other employees at the company, with no...more
While some states have enacted privacy laws granting consumers the right to bring a private right of action in a data breach context, federal courts have struggled to fit data breach injury into traditional Article III...more
The Second Circuit recently issued a decision in McMorris v. Carlos Lopez & Associates, LLC, No. 19-4310, 2021 U.S. App. LEXIS 12328 (2nd Cir. Apr. 26, 2021), which clarifies the circumstances under which plaintiffs alleging...more
In a thoughtful opinion that diverges from how other circuit courts have addressed the issue, the Second Circuit recently issued a ruling clarifying the circumstances when data breach plaintiffs can rely on fear of identity...more