No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
As cybersecurity threats escalate, state legislatures across the country are tightening requirements for how insurance entities respond to data breaches – and thanks to a new law just passed several weeks ago, Missouri is...more
In a notable development for corporate defendants grappling with consumer privacy litigation, the Southern District of New York has recently issued a decision in Lee v. Springer Nature America, Inc., embracing a broadened...more
The Video Privacy Protection Act (“VPPA”), a federal statute enacted in 1988, is gaining new relevance in recent years as plaintiffs bring lawsuits with the goal of enforcing online privacy rights. 2024 saw a continuation of...more
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
Ally Financial Inc., a digital financial services company, faces two class action lawsuits in the U.S. District Court for the Western District of North Carolina related to an April 2024 data breach. The suits allege that Ally...more
Keypoint: The past two months have seen many courts dismiss privacy claims as judges appear to be more critical of plaintiffs’ theories while other judges have allowed cases to proceed past the motion to dismiss stage....more
In recent months, organizations have been dealing with an emerging wave of lawsuits from an unexpected source: the VPPA. The Video Privacy Protection Act (“VPPA”), originally intended to prevent “wrongful disclosures” of...more
On June 30, 2023 the Northern District of Illinois vacated the $228 million damages award previously entered in the first jury trial arising under Illinois’ Biometric Information Privacy Act (BIPA), and ordered a new jury...more
On June 30, 2023, Mount Desert Island Hospital (“MDIH”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party had gained...more
Personal information from federal lawmakers and congressional staff members was available on the dark web following a breach of DC Health Link, the health insurance marketplace for Washington, D.C. In an internal memo sent to...more
The Federal Trade Commission will have its eye on privacy and data security enforcement in 2023. In August, the agency announced that it is exploring ways to crack down on lax data security practices. In the announcement,...more
WHAT YOU NEED TO KNOW IN A MINUTE OR LESS - The collection and storage of sensitive data can not only invite the attention of government agencies, but also that of putative class action plaintiffs. Government inquiries,...more
In the last two years, the Chinese Ministry of Industry and Information Technology, together with other agencies in the Chinese government, launched a series of campaigns for the rectification of excessive personal...more
First we take Sacramento, then we take Berlin: How do US data protection laws affect how you do business. The webinar is aimed at in-house or outside counsel, as well as data protection and compliance officers. In this...more
PCS Revenue Control Systems, Inc. (PCS) was hit with a proposed class action lawsuit last week alleging that it discovered a data breach from a hacking attack in December 2019 but failed to notify the affected students until...more
California voters signaled that privacy is a top priority by overwhelmingly approving Proposition 24 on Nov. 3, 2020—the California Privacy Rights Act (CPRA). The CPRA amends and significantly strengthens the recently enacted...more
As one of the largest information technology service providers to local governments, the cyber-attack on Tyler Technologies (Tyler) in Plano, Texas is a sobering reminder of how a cyber-attack on a third-party vendor can put...more
Data breaches are a hot topic and will undoubtedly get even hotter. Cybersecurity for your own enterprise isn’t enough — you must evaluate your vendors and determine if they’re prepared to resist cyberattacks. ...more
Employers’ engagement and use of various types of vendors has expanded recently, to include vendors who assist with office re-entry screening and contact tracing as employees return to work during the COVID-19 pandemic. ...more
The current COVID-19 pandemic has forced many businesses online in order to survive. In many cases, businesses had no plans to be online. Others were forced to move online more quickly than planned. In order to assist these...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
On February 10, 2020, the Attorney General issued revisions to the proposed regulations to the California Consumer Privacy Act (the CCPA) which were originally published in October of last year. While the Attorney General...more
On January 28, 2020, the Department of Health & Human Services (“HHS”) Office for Civil Rights (“OCR”) addressed a federal court’s January 23rd invalidation of certain provisions of the Health Insurance Portability and...more
January 1, 2020, opens both a new decade and a new landscape in privacy regulation in the United States. On that day, the California Consumer Privacy Act, or CCPA, is set to become effective. The law will be the first of its...more