No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
3 Our recent post (Real Versus Robot) focused on the risks inherent in the virtual world of accidentally hiring a bot and provided some tips for ensuring bad AI-actors don't end up working inside an organization. Today's WSJ...more
New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
As previously noted, the Illinois Biometric Information Privacy Act (BIPA) has invited a great deal of litigation, often resulting in interpretations favorable toward plaintiffs. As a result, we advise employers who use...more
I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more
WHAT YOU NEED TO KNOW IN A MINUTE OR LESS - The collection and storage of sensitive data can not only invite the attention of government agencies, but also that of putative class action plaintiffs. Government inquiries,...more
China recently enacted its Personal Information Privacy Law (PIPL), which came into effect November 1, 2021. PIPL has global reach and broadly regulates entities of all industries that process the personal data of Chinese...more
Since 2018, the decision-making arsenal of the UK Information Commissioner’s Office (“ICO”) has included the Regulatory Panel, a body tasked with making independent recommendations to the Commissioner regarding proposed...more
Learning Objectives: - What is a PIA and a DPIA? - Who should instigate assessments? - How and when to use assessments? - The relationship between assessments and privacy by design, and legal grounds for processing...more
A heightened risk for cyberattacks and data breaches calls for companies to remain diligent as they navigate a patchwork of federal, state, local and sector-specific privacy and data protection laws, regulations and guidance....more
Virginia is on track to be the second U.S. state to enact comprehensive consumer privacy legislation. Both the Virginia House of Delegates and the Virginia Senate have passed nearly identical versions of the Consumer Data...more
When it comes to scams and frauds, it's not just individuals at risk, but also companies. In Episode 2 of Digging Deeper, Chris Morgan Jones interviews Jordan Arnold about corporate scams, and they even discuss cracking the...more
The California Consumer Privacy Act (CCPA) requires businesses covered by the CCPA to notify their employees of the categories of personal information the business collects about employees and the purposes for which the...more
CYBERSECURITY - Patching Gets More and More Complicated but Is Critical for Managing Risk - Patching vulnerabilities has always been challenging, but these days, it is getting more and more complicated as...more
Aunque los conceptos de responsable y encargado del tratamiento han sido ampliamente estudiados y analizados en el pasado, el Comité Europeo de Protección de Datos ha publicado recientemente una guía en la que, además de...more
With the world in various states of lockdown, your organization’s online presence is more important than ever…even more so with official enforcement of CCPA beginning last month. It may be a good time to spend an afternoon...more
When the General Data Protection Regulation (GDPR) was introduced, one of the central topics in the media was the possibility of large fines for data protection violations. Art. 83 of GDPR set benchmarks with a maximum fine...more
Requirements under a new Dubai International Financial Centre data protection law will apply within the DIFC from 1 July 2020. ...more
With the July 1 enforcement of the California Consumer Privacy Act (CCPA) less than a month away, the state attorney general has finally submitted the final text of the proposed CCPA regulations to the California Office of...more
The more technologically advanced the world gets, the more there is a need for Privacy Risk Management....more
The new data security requirements provision of New York’s Stop Hacks and Improve Electronic Data Security (SHIELD) Act went into full force as of March 21, 2020, and all people and businesses, regardless of the state in...more
The European Data Protection Board (EDPB) and a number of European data protection supervisory authorities have recently issued guidance on processing personal data, including special categories of personal data (i.e., health...more
On March 5, 2020, Vermont Governor Phil Scott signed into law Senate Bill 110, “An act relating to data privacy and consumer protection,” which provides authority to develop a statewide data privacy inventory of the...more
What features should a legal or compliance team or technology buyer look for in the various solutions that should be elements of an effective data privacy and information governance initiative?...more
With the CCPA (California Consumer Privacy Act) in effect as of January 1, but regulations still being revised and finalized, businesses are struggling to know what they need to do now to comply....more