No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
In Part Two of this FAQ series, we continue to break down Virginia’s Senate Bill 754, Consumer Protection Act; prohibited practices, etc., reproductive or sexual health information (Act), which amends the Virginia Consumer...more
On June 13, 2024, the Rhode Island legislature passed the Rhode Island Data Transparency and Privacy Protection Act (the “Act”), which became law in late June. The Act aims to protect the personal information of Rhode Island...more
On March 6, 2024, New Hampshire Governor Chris Sununu signed into law SB 255-FN, An Act Relative to the Expectation of Privacy (the “Act”), making New Hampshire the 14th state to enact a comprehensive data privacy law —...more
On January 16, 2024, New Jersey became the fourteenth state to enact comprehensive privacy legislation after the passage of the New Jersey Data Privacy Act (“NJDPA”), adding to the growing national focus on consumer personal...more
On January 1, California's Assembly Bill No. 352 (AB 352) went into effect, introducing significant changes to the handling and sharing of sensitive health information — particularly information related to reproductive health...more
This week, California’s governor signed a first-in-the-nation law that will impose new regulations on data brokers, requiring such entities to delete personal data pursuant to consumer requests. Data brokers specialize in...more
Governor Mark Gordon signed the Wyoming Genetic Data Privacy Act into law on March 8, 2022. The law goes into effect on July 1, 2022. The Genetic Data Privacy Act requires any business that collects genetic data from...more
Colorado just became the third state to pass a comprehensive data privacy law, creating more challenges for businesses trying to navigate a variety of state, federal, and international privacy regimes. The Colorado Privacy...more
Introduction Colorado has joined California and Virginia as the third state with a comprehensive data privacy law. On July 7, 2021, Colorado Governor Polis signed the Act into law, following the Colorado Senate's passage of...more
Like Virginia and Washington before it, on March 19, 2021, Colorado introduced a data privacy bill, the Colorado Privacy Act (CPA). As currently drafted, the CPA would be similar to other U.S. state privacy laws, including...more
On March 2, 2021, Virginia’s Governor signed into law the Consumer Data Protection Act (“CDPA”). Virginia is the second state in the nation, after California, to enact a privacy law protecting the rights of individual...more
The Virginia Consumer Data Protection Act (CDPA) became law earlier this week when the state’s governor signed a bill recently adopted by the state’s legislature, making Virginia the second state in the nation with a...more
Virginia Governor Ralph Northam signed the Consumer Data Protection Act (CDPA) on Tuesday, March 2, 2021. Virginia now joins California as the second state to have a data privacy law. The law takes effect on January 1, 2023,...more
Elizabeth Burgin Waller Principal John Pilch Cybersecurity/Privacy Analyst The Virginia Consumer Data Protection Act (CDPA, or “the Act”) makes Virginia the second state in the nation to have sweeping data privacy...more
Recently we wrote about two amendments to the California Consumer Privacy Act of 2018 (CCPA) that were awaiting signature on Governor Newsom’s desk: AB 1281 – which extends the one-year exemptions for employee information and...more
The new data security requirements provision of New York’s Stop Hacks and Improve Electronic Data Security (SHIELD) Act went into full force as of March 21, 2020, and all people and businesses, regardless of the state in...more
One of the major changes introduced by the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which was signed into New York law last year, is scheduled to take effect this week. ...more
On March 5, 2020, Vermont Governor Phil Scott signed into law Senate Bill 110, “An act relating to data privacy and consumer protection,” which provides authority to develop a statewide data privacy inventory of the...more
Time is running out. The effective date of New York’s cybersecurity law mandating that organizations implement an information security program to protect “private information” of New York State residents, including employee...more
New data retention limitations and disposal requirements on some types of businesses in New York will go into effect on March 21, 2020, under the Stop Hacks and Improve Electronic Data Security (SHIELD Act) that was signed...more
California’s Consumer Privacy Act (CCPA) went into effect on Jan. 1, 2020. While the CCPA has been interpreted as primarily targeting technology companies and data brokers, it has broad reach and applies to any business that...more
From late June 2019 through mid-October 2019, a handful of states amended their data breach notification statutes. Specifically, six states amended their states to (1) require notice to the State Attorney General, (2) broaden...more
Last week was a busy week for the California Consumer Privacy Act (CCPA), as Attorney General Xavier Becerra released draft regulations on October 10 and Governor Newsom signed several pending CCPA amendments into law on...more
Last Thursday, Governor Andrew M. Cuomo signed the Stop Hacks and Improve Electronic Data Security (“SHIELD”) Act, which amends New York’s current data breach notification law and places increased obligations on businesses...more
As mega-breaches heighten concern about the security of personal information and a federal solution does not appear forthcoming, New York recently joined the growing list of states imposing their own security obligations on...more