No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Ten years ago, a California Court of Appeal determined that the Song-Beverly Credit Card Act of 1971 (also the Act), an act that prohibits retailers from requiring consumers’ personally identifiable information (PII) as a...more
Over the past few months, a wave of new lawsuits has been filed in California state court against online retailers alleging violations of California’s Song-Beverly Credit Card Act, Cal. Civ. Code § 1747.08 (“Song-Beverly”)....more
Marriott International Inc. (Marriott) has released new numbers relating to its Starwood Hotel’s reservation database by stating that more than 5 million passport numbers were stolen in the database. ...more
If you are a retailer with locations in New Jersey, you will need to review your procedures in anticipation of a new law effective October 1, 2017....more
Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more
Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more
Starting today, October 1, 2015, a substantial portion of the liability associated with in-store fraudulent credit card purchases shifts from credit card issuers, such as banks or credit unions, to retail merchants. Credit...more
As has been widely reported, the popular retail giant Target announced yesterday that it suffered a data breach impacting approximately 40 million credit and debit card accounts used in Target stores across the country...more
The U.S. District Court for the Eastern District of California has held that the prohibition against requesting or requiring personal identification information in connection with credit card transactions contained in...more
A California court ruled last week that retailers could lawfully collect ZIP code information to reduce credit card fraud, efforts that result in lower prices for consumers. Following the California Supreme Court’s decision...more
Another class action suit has been filed in Massachusetts in the zip code wars. This time, the target is instrument retailer Guitar Center for allegedly requesting customers to provide their zip codes when making purchases...more
Earlier this month, we reported on the privacy case against craft giant Michaels Stores in which the plaintiff alleged that Michaels illegally collected zip codes during credit card transactions. The case was ultimately...more
In a recent decision, Tyler v. Michaels Stores, Inc., the Massachusetts Supreme Judicial Court held that zip codes are “personal identification information” and that a merchant asking for that information during a credit card...more
In a recent ruling arising from certain certified questions in Tyler v. Michaels Stores, Inc., Civ. No. 11-10920-WGY (D. Mass. Jan. 6, 2012, the Massachusetts Supreme Court interpreted “personal identification information”...more
Earlier this month, the Massachusetts Supreme Court issued an opinion holding that zip codes “may well qualify” as personally identifiable information under the Massachusetts law controlling the treatment of PII in credit...more
The Supreme Judicial Court of Massachusetts recently held that collecting a consumer's ZIP code at the point of sale may violate Massachusetts General Laws Chapter 93, Section 105(a) (Section 105(a)), which restricts the...more
“May I have your zip code?” is an all-too-familiar question that may be going the way of the dinosaur in Massachusetts. Many retailers commonly ask customers for their zip codes when processing credit card transactions at,...more