No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
On February 14, 2025, in Therrien v. Hearst Television, Inc., the District of Massachusetts denied a motion for class certification due to the plaintiff’s failure to meet the implied ascertainability requirement of Rule 23....more
In a recent decision from the Southern District of Florida, U.S. District Judge Robert N. Scola, Jr. denied class certification of a proposed class of paid Univision NOW subscribers who assert that Univision NOW’s use of the...more
Courts and class action counsel have been considering what kinds of injuries can confer standing to pursue federal claims following the Supreme Court’s 2021 decision in TransUnion LLC v. Ramirez, which held that the...more
On January 21, 2020, the U.S. Supreme Court denied Facebook’s petition for a writ of certiorari to consider whether consumers alleged a sufficiently concrete injury-in-fact in a biometric privacy lawsuit. A group of...more
Seyfarth Synopsis: On January 29, 2020, Facebook announced that it had reached a settlement with plaintiffs in a class action brought under the Illinois Biometric Information Privacy Act (the “BIPA”) in the U.S. District...more
Although litigation under California’s Song-Beverly Credit Card Act has largely slowed to a trickle, businesses continue to have questions surrounding compliance and litigation risk and exposure. A recent ruling by a...more
The Ninth Circuit has issued its much-anticipated decision in a class action against Facebook involving alleged biometric privacy violations, affirming certification of a class. In Patel v. Facebook, the Northern District of...more
Recently, the Ninth Circuit Court of Appeals held that an Illinois class of Facebook users can pursue a class action lawsuit arising out of Facebook’s use of facial scanning technology....more
In this era where there appears to be a new data security incident announced each month, there is surprisingly little class certification jurisprudence for data security class actions. ...more
Lest anyone think TCPAland isn’t fraught with peril for unwary defendants, let me tell you a quick tale. Citibank is facing TCPA class litigation in the Northern District of California–yes the same Citibank that so...more
This week, in Siglin v. Sixt Rent A Car, LLC, 18-cv-62536, a proposed class action was filed against Sixt Rent A Car, LLC (“Sixt”) for its alleged failure to properly conceal consumers’ card and identification information on...more
We reported last week that a spyware maker recently compromised users’ and victims’ sensitive information. Since that time, another spyware maker, mSpy, which holds itself out as having over a million users employing its...more
We previously noted that in late 2016, Yahoo disclosed that it had experienced multiple data breaches relating to what turned out to be roughly three billion of its accounts. ...more
Consumer data breach class actions, for all of their popularity on dockets and especially in headlines, can make difficult cases for plaintiffs. Issues like standing and damages often keep these cases from getting off the...more
The Fourth Circuit’s 2017 decision in Beck v. McDonald held that the mere fear of identity theft in the wake of a data breach was insufficient to confer Article III standing. ...more
We’ve already written about Spokeo, Inc. v. Robins, 136 S. Ct. 1540 (2016), in which the Supreme Court reaffirmed that all federal plaintiffs, even those alleging a statutory violation, must have suffered a real, concrete...more
The Eighth Circuit Court of Appeals has remanded a $10 million settlement in the Target data breach class action on the grounds that the district court had not rigorously analyzed the propriety of the class certification. ...more
In Spokeo, the Supreme Court declined to answer the certified question of whether a plaintiff suing for violation of a federal statute satisfied Article III’s standing requirement by alleging no concrete injury as a result of...more
Law360, New York (July 1, 2016, 12:12 PM ET) -- The U.S. Supreme Court made a big splash this year establishing a murky threshold for standing that has already been widely cited by both sides of the bar, while consumers...more
In Case You Missed It: Court certifies class in suit against Apple. On July 15, 2016, U.S. District Judge Jon S. Tigar certified a class of users of the mobile app Path, who allege that Apple facilitated the app’s access...more
The Pennsylvania Superior Court has affirmed a trial court's decision denying class certification in a data breach case against two health plans, reversing its own earlier ruling in the same case that the plaintiff did not...more
Attorneys for certain banks and other financial institutions that are caught up in Target’s 2013 data breach are objecting to the $67 million deal struck last week between the retailer and Visa Inc. The banks and credit...more
On September 15, 2015, a federal district court in Minnesota granted a motion for class certification of hundreds of credit unions and banks in an action against Target Corporation for damages stemming from the breach of...more
A federal court recently granted class certification to a group of financial institutions (the “Banks”) in the data breach case against Target Corporation (“Target”) arising from the December 2013 hacking of its computer...more
This Is The End? - Settlement appears imminent in an employee class action against Sony Pictures Entertainment (“SPE”) arising from disclosure of their personally identifiable information (“PII”) in a massive data breach...more