No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
For community associations, this is especially important as these organizations often manage large amounts of PII of homeowners and residents (e.g., name, address, phone number, etc.), including certain categories of...more
In 2024, as in years past, healthcare fraud enforcement by the U.S. Department of Justice (DOJ) was substantial. Federal actions under the False Claims Act (FCA) alone resulted in $1.67 billion in settlements and judgments...more
New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
If your business is one of the lucky ones that has not yet had to address the requirements of the various consumer privacy laws across the country, it is once again time to check whether your status has changed. Eight more...more
In today's digital era, the volume of electronic data generated by organizations is staggering. For law firms conducting due diligence, managing this data while ensuring compliance with stringent data privacy regulations is a...more
The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more
Minnesota was the nineteenth state to pass a comprehensive data privacy law, the Minnesota Consumer Privacy Act (H.F. 4757) (MCPA), which becomes effective on July 31, 2025. While we continue to see more of these laws...more
On May 31, 2024, Colorado enacted H.B. 24-1130, an amendment to the Colorado Privacy Act (CPA) regarding the use of biometric information (the “Biometric Amendment”). The Biometric Amendment, effective July 1, 2025, requires...more
With state privacy laws continuing to increase, will the federal American Privacy Rights Act be adopted? Over 18 states have now enacted comprehensive state privacy laws, three of which go into effect on July 1, 2024, in...more
On July 1, 2024, Florida, Oregon, and Texas will join California, Colorado, Connecticut, Utah, and Virginia by adding privacy laws governing the collection, use, and transfer of consumer personal data. Montana will follow...more
Introduction - As a federal state with law-making powers shared between federal and provincial/territorial governments, Canada has both federal and provincial/territorial privacy laws that govern the private and public...more
Introduction - The Brazilian General Data Protection Law (“LGPD”), enacted in 2018 and enforced since 2020, serves as the cornerstone of the country's data protection framework. Its primary objective is to ensure the...more
When it comes to data privacy and regulation of personal information, United States companies face a number of major challenges. Compliance is not easy when you have fast-moving targets. The single biggest cause of this...more
With the onslaught of new privacy legislation and cyber threats coupled with upticks in enforcement, running a well-functioning and flexible privacy program is now, more than ever, a critical component of an organization’s...more
Recent Chinese regulations on personal data protection and standard contractual processes limit the cross-border transfer of personally identifying information. ...more
The Gramm-Leach-Bliley Act (GLBA) is a federal law that establishes various legal requirements for companies that qualify as “financial institutions” under the Act. The GLBA’s definition of a “financial institution” is...more
With a dizzying array of state privacy laws on the horizon, the prospect of a federal solution has come into sharp focus. Rather than a patchwork of regional legislation, a comprehensive national framework would potentially...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
Keypoint: Modifications to the CCPA regulation’s provisions regarding requests to opt-out and authorized agent requests are now final. On March 15, 2021, the California Attorney General’s office announced that the Office...more
California voters signaled that privacy is a top priority by overwhelmingly approving Proposition 24 on Nov. 3, 2020—the California Privacy Rights Act (CPRA). The CPRA amends and significantly strengthens the recently enacted...more
In the 2020 Augmented and Virtual Reality Survey conducted by Perkins Coie, Boost VC, and the XR Association, nearly three-quarters of industry leaders polled indicated that they expect immersive technologies to be mainstream...more
Staying on top of what’s new in data privacy is tough. As Robert Bond, Partner and Notary Public at the UK-based law firm Bristows explains, over 100 countries have drafted or implemented new data privacy laws in 2019. To...more