No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
New Jersey officials recently released proposed privacy regulations that would create several new compliance obligations for businesses above and beyond what existing state law and many other state laws require, meaning you...more
In Part Two of this FAQ series, we continue to break down Virginia’s Senate Bill 754, Consumer Protection Act; prohibited practices, etc., reproductive or sexual health information (Act), which amends the Virginia Consumer...more
Montana recently amended its privacy law through Senate Bill 297, effective October 1, 2025, strengthening consumer protections and requiring businesses to revisit their privacy policies that apply to citizens of Montana....more
Much like Blockbuster Video rental stores (of which you might be surprised to learn there is still one remaining), the Video Privacy Protection Act (VPPA) was quietly slipping into obsolescence with the advent of the Internet...more
In a notable development for corporate defendants grappling with consumer privacy litigation, the Southern District of New York has recently issued a decision in Lee v. Springer Nature America, Inc., embracing a broadened...more
The Video Privacy Protection Act (“VPPA”), a federal statute enacted in 1988, is gaining new relevance in recent years as plaintiffs bring lawsuits with the goal of enforcing online privacy rights. 2024 saw a continuation of...more
On July 9, 2021, New York City enacted a new biometric ordinance regulating how businesses handle biometric identifier information. The new law is the first of its kind in New York and requires commercial establishments...more
With a dizzying array of state privacy laws on the horizon, the prospect of a federal solution has come into sharp focus. Rather than a patchwork of regional legislation, a comprehensive national framework would potentially...more
On November 3, 2020, California voters convincingly approved the California Privacy Rights Act (“CPRA”) ballot initiative. The CPRA builds upon and amends the California Consumer Protection Act (“CCPA”), aligning it more with...more
As the federal government, state governments, businesses and other entities continue their response efforts related to the COVID-19 pandemic, the privacy and security of consumers’ personal health information remains a top...more
With the CCPA (California Consumer Privacy Act) in effect as of January 1, but regulations still being revised and finalized, businesses are struggling to know what they need to do now to comply....more
A constantly evolving framework of laws governing how multinational businesses can contact customers to how nonprofits report business income to how overtime is calculated and paid will influence how companies do business...more
Report on Supply Chain Compliance 3, no. 1 (January 9, 2020) - California’s new data privacy law went into effect Jan. 1, 2020, but the date is largely symbolic. Companies should already have a data management plan in...more
Last month, the California Attorney General released draft regulations for the California Consumer Privacy Act (CCPA). (Here). The regulations focus on three primary areas: (1) consumer notices; (2) consumer requests for...more
In this miniseries, John ReVeal will discuss key issues and top of mind concerns for businesses under the California Consumer Privacy Act, which will go into effect January 1, 2020. In the second episode, John ReVeal...more
Probably not. The CCPA broadly defines the term “sale” as including the act of “disclosing” or “making available” personal information “for monetary or other valuable consideration” from one business to another. The...more
The dust has finally settled in the California State Legislature and the big winner for amendments to the CCPA is AB-25, which started out as carving out employees from the definition of consumer for the purpose of CCPA. The...more
California is the largest cannabis market in the United States and it is soon to be the first state in the country with a comprehensive data privacy regime designed to protect consumers’ personal information. The California...more
Don’t wait to implement your California Consumer Privacy Act (CCPA) compliance as it could require changes to your operations. CCPA can apply to businesses even if they do not have offices or employees in California. It can...more
New York’s state legislature is considering a new data privacy law that would set the standard for data privacy in the U.S. The New York Privacy Act (the “NYPA” or the “Act”), which is currently being considered by the state...more
• California's protracted legislative and regulatory process has complicated the landscape for businesses needing to implement the operational, technical and procedural changes required by the California Consumer Privacy Act....more
Get ready: October 1, 2019 is the new date for many U.S. businesses to begin providing consumers the right to opt-out of the sale of their personal information. While January 1, 2020 was the date upon which many businesses...more
Earlier this year, California legislators proposed A.B. 981 (“the proposal”), which, among other things, would have exempted insurance institutions, agents and support organizations (“insurers”) from many provisions of the...more
The new California Consumer Privacy Act of 2018 (CCPA) will come into effect January 1, 2020. By turning attention to the issue now, cannabis companies can ensure compliance with the new law without significant business...more
On April 16, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) released a new Risk Alert regarding Regulation S-P deficiencies found in recent examinations of...more