No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Montana recently amended its privacy law through Senate Bill 297, effective October 1, 2025, strengthening consumer protections and requiring businesses to revisit their privacy policies that apply to citizens of Montana....more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Much like Blockbuster Video rental stores (of which you might be surprised to learn there is still one remaining), the Video Privacy Protection Act (VPPA) was quietly slipping into obsolescence with the advent of the Internet...more
In a notable development for corporate defendants grappling with consumer privacy litigation, the Southern District of New York has recently issued a decision in Lee v. Springer Nature America, Inc., embracing a broadened...more
The Video Privacy Protection Act (“VPPA”), a federal statute enacted in 1988, is gaining new relevance in recent years as plaintiffs bring lawsuits with the goal of enforcing online privacy rights. 2024 saw a continuation of...more
Generally, an attorney can issue subpoenas. However, when you seek to serve an Internet Service Provider ("ISP) to find out the name and address of the subscriber (who may be an infringer of your IP), the Cable Privacy Act...more
Biometric data is seen as a preferred means of identification by many businesses. Unlocking a smartphone using facial recognition and other biometric identifiers, for example, gives users the feeling as if they are more...more
On November 3, 2020, California voters convincingly approved the California Privacy Rights Act (“CPRA”) ballot initiative. The CPRA builds upon and amends the California Consumer Protection Act (“CCPA”), aligning it more with...more
With the CCPA (California Consumer Privacy Act) in effect as of January 1, but regulations still being revised and finalized, businesses are struggling to know what they need to do now to comply....more
A constantly evolving framework of laws governing how multinational businesses can contact customers to how nonprofits report business income to how overtime is calculated and paid will influence how companies do business...more
Last month, the California Attorney General released draft regulations for the California Consumer Privacy Act (CCPA). (Here). The regulations focus on three primary areas: (1) consumer notices; (2) consumer requests for...more
The dust has finally settled in the California State Legislature and the big winner for amendments to the CCPA is AB-25, which started out as carving out employees from the definition of consumer for the purpose of CCPA. The...more
Thanks to recent negotiations among state lawmakers, it appears that California employers may get a temporary reprieve on some of the more sweeping data privacy requirements that were set to take effect in just a few short...more
• California's protracted legislative and regulatory process has complicated the landscape for businesses needing to implement the operational, technical and procedural changes required by the California Consumer Privacy Act....more
Companies within and outside the State of California who offer products and services to California residents are focusing on what they need to do to comply with the new California Consumer Privacy Act of 2018 (CCPA), which...more
I attended a seminar at my firm last week that set forth the next big thing in California — the California Consumer Privacy Act (CCPA). It is California’s version of the European Union’s General Data Protection Regulation...more
California recently enacted the Consumer Privacy Act, the most stringent privacy law in the United States. Although it does not go into effect until January 1, 2020, most companies will need a number of months to prepare. The...more
The California Consumer Privacy Act of 2018 (“CCPA”) was signed into law by Governor Jerry Brown on June 28, 2018, and goes into effect on January 1, 2020....more
Your business may be compliant with the General Data Protection Regulation (GDPR), but that does not guarantee compliance with the next wave of data privacy: the California Consumer Privacy Act (CCPA) going into effect on...more
The CCPA is an unprecedented privacy law that grants California residents sweeping rights concerning the collection and use of their information. Once the law becomes effective on January 1, 2020, covered businesses can...more
The California Consumer Privacy Act (CCPA), a broad-based law protecting information that identifies California residents, was passed in June 2018 and will go into effect in 2020. Dubbed “GDPR Lite” to denote its similarities...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) will impose new privacy obligations on certain businesses that collect personal information of California consumers and are (or are jointly...more
Beyond preparing for this year’s holiday rush, retailers around the country have started thinking about potential changes to their operations in response to California’s sweeping new consumer privacy law. The California...more
Privacy activists cheered when, on June 28, 2018, Governor Brown signed into law the strictest consumer privacy law in the United States; the California Consumer Privacy Act of 2018 (“CCPA”). Effective January 1, 2020, the...more
Companies that are getting acclimated to the European Union’s General Data Protection Regulation (GDPR) have a new and just as significant compliance challenge to confront: The California Consumer Privacy Act. Signed into...more