No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
On June 30, the U.S. Court of Appeals for the First Circuit overruled a district court’s dismissal of a putative class action against a home delivery pharmacy service for allegedly failing to prevent a 2021 data breach that...more
Instead of identifying traditionally “tangible” injuries, data breach plaintiffs typically point to the fact that they may be the victim of identity theft at some point in the future. Prior to late April 2021, the federal...more
Takeaway: Since the U.S. Supreme Court addressed the issue of standing based on allegations of possible future injury in Clapper v. Amnesty International USA, 568 U.S. 398 (2013), the courts of appeals have addressed this...more
In McMorris v. Carlos Lopez & Associates, LLC, a data breach case, the Second Circuit held that plaintiffs may demonstrate standing based on a theory of “increased risk” of future identity theft or fraud following an...more
A federal appeals court recently addressed whether employees had standing to bring a lawsuit when their personally identifiable information (PII) was inadvertently circulated to other employees at the company, with no...more
CYBERSECURITY - Health and Personal Information of N.C. Residents Posted Online by Ransomware Group - Becker’s Health IT reports that two batches of sensitive information of Chatham County, N.C. residents have been posted...more
After the California Consumer Privacy Act (CCPA) took effect on January 1, 2020, a surge of class action lawsuits predicated on alleged CCPA violations hit businesses. Because of the act’s novelty, it was unclear whether...more
Takeaway: Data breach cases often turn on whether the threat of future identity theft suffices to establish Article III standing. In yet another data breach case, In re Brinker Data Incident Litig., 3:18-CV-686-J-32MCR,...more
Seyfarth Synopsis: On January 29, 2020, Facebook announced that it had reached a settlement with plaintiffs in a class action brought under the Illinois Biometric Information Privacy Act (the “BIPA”) in the U.S. District...more
On October 1, the Eastern District of North Carolina dismissed a putative data breach class action because the plaintiffs failed to allege facts showing that their stolen data had actually been used (or was likely to be used)...more
In this month's edition of our Privacy & Cybersecurity Update, we examine New York's new laws expanding consumer protection for data breaches, the D.C. Circuit's two rulings deepening the split regarding standing in data...more
The U.S. Office of Personnel Management (“OPM”) made headlines when several hacks of confidential data came to light in 2015, intrusions that compromised the personal data of over 20 million individuals. On July 21, 2019, in...more
The D.C. Circuit Court of Appeals recently reaffirmed its position that a plaintiff can establish Article III standing (federal court subject matter jurisdiction) based solely on the risk of potential future harm following a...more
Last Friday we blogged on the Saks data breach class action, and in the process mentioned a trend among federal courts to reject fear of future identity theft claims in retail breach cases. ...more
Today, a clear divergence of opinions exists among the federal courts of appeal as to the appropriate evidentiary threshold that must be met for establishing Article III standing, which varies significantly among the...more
Takeaway: In the wake of Spokeo, Inc. v. Robins, 136 S. Ct. 1540 (2016), defendants in data breach class actions regularly move to dismiss on standing grounds, arguing the complaint’s allegations do not plausibly allege an...more
The U.S. Supreme Court may finally weigh in on the hottest issue in data breach litigation, whether a demonstration of actual harm is required to have standing to sue. Standing to sue in a data breach class action suit,...more
Overview of the Internet of Things & Its Relation of Product Liability Law - The "Internet of Things" (IoT) generally refers to the network of physical devices (or "things") that are connected to the Internet, collecting and...more
Going Deep on the California Consumer Privacy Act - The California Consumer Privacy Act (CCPA) has been called the beginning of America’s GDPR. As the most comprehensive privacy law in the United States, entities doing...more
Class actions have become an increasingly common means to seek redress in data privacy cases. With data breaches and data privacy claims on the rise, we asked our lawyers in France and the U.S. what you should bear in mind....more
Consumer data breach class actions, for all of their popularity on dockets and especially in headlines, can make difficult cases for plaintiffs. Issues like standing and damages often keep these cases from getting off the...more
California companies housing their drivers’ personal information may feel less exposed to liability in light of the Northern District of California’s holding in Antman v. Uber Technologies, Inc. in May. The trial court in...more
The U.S. Court of Appeals for the Fourth Circuit has found that allegations that fraudsters used the personal information of data breach victims are sufficient to establish standing even without any fraudulent charges...more
Wage and Hour - Decision Upholds Class Action Waivers in Arbitration Clauses, Resolves Circuit Split - The U.S. Supreme Court issued a long-awaited decision in Epic Systems Corp. v. Lewis on May 21, 2018, holding that...more