No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
On February 14, 2025, in Therrien v. Hearst Television, Inc., the District of Massachusetts denied a motion for class certification due to the plaintiff’s failure to meet the implied ascertainability requirement of Rule 23....more
Some businesses might be surprised to learn that digital wiretapping litigation claims are one of today’s fastest-growing compliance risks, with over 1,560 lawsuits filed in 28 states since a groundbreaking 2022 decision...more
On June 7, 2023, the New York legislature passed the Stop Addictive Feeds Exploitation (SAFE) for Kids Act (SAFE Act or the Act) and the New York Child Data Protection Act (CDPA), both aimed at protecting children online. The...more
The recent passage of H.R.7521, the Protecting Americans from Foreign Adversary Controlled Applications Act (the “Act”), by the House of Representatives aims to restrict TikTok to U.S. users unless the platform’s parent...more
On January 11, 2024, the Federal Trade Commission (FTC) published a Notice of Proposed Rulemaking that would fortify the Children’s Online Privacy Protection Act (COPPA). This move underscores a significant shift in the...more
On March 7, 2024, a bipartisan coalition of 43 state attorneys general sent to the Federal Trade Commission (“FTC”) a letter urging the FTC to update the regulations (“COPPA Rules”) implementing the Children’s Online Privacy...more
On December 20, 2023, the Federal Trade Commission (FTC) announced proposed revisions to its rules administering the Children’s Online Privacy Protection Act (COPPA). The updates both expand the universe of businesses subject...more
On December 20, 2023, the Federal Trade Commission (FTC) announced proposed changes to the Children’s Online Privacy Protection Rule (COPPA Rule) that would place significant new restrictions on companies that collect...more
On July 20, 2023, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) and the Federal Trade Commission (FTC) sent a joint letter to approximately 130 hospitals, telehealth providers, health...more
Shortly before Privacy Day, California Attorney General (Cal AG) Rob Bonta announced a California Consumer Privacy Act (CCPA) enforcement sweep that targeted mobile applications....more
The California Attorney General just announced an investigative sweep of mobile apps that allegedly fail to meet the requirements of state data privacy law, meaning businesses that conduct business through apps need to...more
Report on Patient Privacy Volume 23, no 1 (January 2023) The Centers for Medicare & Medicaid Services (CMS) said a data breach at a Medicare subcontractor impacted the personally identifiable information and protected...more
COPPA, or the Children's Online Privacy Protection Rule, was designed to protect the privacy of children under 13 years of age by giving their parents certain tools to control how the child's information can and cannot be...more
The FTC recently took two well-publicized steps in the children’s privacy space. First, it penalized WW International (formerly, Weight Watchers) and its subsidiary, Kurbo, for alleged COPPA violations. Second, it unanimously...more
Researchers from the Mozilla Foundation reviewed the privacy policies of 32 mental health apps ranging from guided meditation to telehealth counseling services and flagged 28 of them as having “Privacy Not Included.” In...more
I traveled this week by plane to a client to conduct a cybersecurity tabletop exercise—one of my favorite things to do (the tabletop, not the flying). - To be able to use the wi-fi, everyone instructed in the gate area was...more
Our Privacy, Cyber & Data Strategy and Consumer Protection/FTC teams offer key takeaways from the Federal Trade Commission’s enforcement action in the midst of renewed emphasis on children’s privacy by both the Biden...more
There is a federal law, the Children’s Online Privacy Protection Act (COPPA), that requires app developers to obtain parental consent before collecting information from children under the age of 13. The law has been on the...more
MoviePass, a service formerly known for offering moviegoers unlimited movie tickets for ten dollars a month, is returning from bankruptcy with a new business model: trading ad views for “credits” used to redeem tickets....more
New Mexico’s Attorney General, Hector Balderas, continues to champion children’s online privacy protections, this time settling with Google over alleged violations of the Children’s Online Privacy Protection Act (COPPA). ...more
The surge in new health apps and connected devices, which only increased during the pandemic, continues to raise many legal and ethical questions. As a result, lawmakers have been scrambling to define the obligations...more
The Federal Trade Commission ("FTC") recently announced its intent to "vigorously" enforce its 2009 Health Breach Notification Rule (the "Rule") via a policy statement that sheds light on the Rule's scope. The policy...more
Here are last week’s curated AG and federal regulatory news stories highlighting key areas in which state and federal regulators’ decisions are having an impact across the US: Not Just Fun and Games: Angry Birds Allegedly...more
‘Blessing Loom’ Club Just a Pyramid in Drag? FTC says BINT was fleecing participants while demanding vows of silence - Migraines in No Time - There are all sorts of new-agey trappings that accompany the “Blessing Loom” known...more
On July 1, 2021, the Federal Trade Commission (FTC) announced that it settled allegations against Toronto-based Kuuhuub Inc., along with Kuuhuub's Finnish subsidiaries Kuu Hubb Oy and Recolor Oy (together, defendants), that...more