No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
First passed into law in 2018, the California Consumer Privacy Act (CCPA) received its first major update in 2020 by way of the California Privacy Rights Act (CPRA), through which the California Privacy Protection Agency...more
Rhode Island is the latest state to enact consumer privacy legislation. The Rhode Island Transparency and Privacy Protection Act (the "Act"), which passed into law on June 28, 2024, establishes a framework for controlling and...more
Keypoint: While the act does not include many provisions found in the more recent consumer data privacy laws, it would expand privacy notice obligations in one significant way although the applicability and scope of that...more
Keypoint: Nebraska is the seventeenth state legislature to pass consumer data privacy legislation with a bill that largely tracks the Texas Data Privacy and Security Act. On April 11, 2024, the Nebraska legislature passed...more
Popular file transfer tool MOVEit’s recent data security vulnerability prompted many businesses to communicate, internally and externally, about the impact of the incident on its business. Originally published in Law360 -...more
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach. Originally published in Reuters -August 24, 2023...more
This is Part Three in a series of legal updates on the Washington My Health My Data Act (“WMHMDA”) where Quarles continues its deep dive into the various factors and intricacies of WMHMDA that are creating tidal waves in the...more
2023 continues to be a busy year for state comprehensive privacy legislation. Since our last post, several new states have entered the fray with legislative proposals, while some of the bills we previously examined have moved...more
In this month’s Privacy & Cybersecurity Update, we examine the California Privacy Protection Agency’s revised draft regulations for the California Privacy Rights Act, the Federal Trade Commission’s settlement with a...more
The Federal Trade Commission (FTC) now has a full slate of Commissioners and it is expected to ramp up privacy and cybersecurity enforcement and rulemaking in a number of critical areas. Join us for a discussion of the FTC’s...more
Unless you’ve been completely disconnected from the internet for the past year, you’ve undoubtedly read about the passage of a number of state and international laws addressing privacy and cybersecurity. Does this mean that...more
CYBERSECURITY - Education Sector Continues to Get Hit with Ransomware Attacks - According to Emsisoft, the education sector continues to experience ransomware attacks, with a whopping 1,043 schools affected by ransomware...more
As the world emerged from lockdown, it should come as no surprise that cybersecurity and data privacy remained dominant topics in the media and legal industry. Some of 2021 was much like 2020 – ransomware attacks continued to...more
CYBERSECURITY - FBI Warns Olympics/Paralympics Participants of Cyber “Activities” - On January 31, 2022, the FBI issued a Private Industry Notification entitled “Potential for Malicious Cyber Activities to Disrupt the...more
The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a...more
While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance...more
As 2021 comes to a close, this article recounts some of the biggest trends in data privacy and cybersecurity from the past year and looks ahead at what we anticipate will come to workplaces in 2022. Employers across the...more
CYBERSECURITY - Joint CISA/FBI Alert on Vulnerability in Zoho ManageEngine ServiceDesk Plus - On December 6, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI)...more
CYBERSECURITY - CISA Issues Incident Response + Vulnerability Response Playbooks for Executive Branch - The Cybersecurity & Infrastructure Security Agency (CISA) issued the Cybersecurity Incident & Vulnerability Response...more
Last month, California Governor Gavin Newsom signed Senate Bill 41, the Genetic Information Privacy Act (“GIPA”), a law that regulates “direct-to-consumer genetic testing companies” that handle the “genetic data” of...more
CYBERSECURITY - Medical Center Rebuilding EMR Following Ransomware Attack - Queen Creek Medical Center (QCMC), also known as Desert Wells Family Medicine, located in Arizona, has notified up to 35,000 patients of a data...more
Global data privacy legislation has steadily advanced over the past several years, with one of the most comprehensive and well-known laws being the General Data Protection Regulation (GDPR), governing personal data...more
CYBERSECURITY - FBI Warns of Hive Ransomware Following Attack Against Hospital System - On August 25, 2021, the FBI issued a Flash Alert to warn companies, especially in the health care industry, about the proliferation...more