No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Starting July 9, 2025, the U.S. Department of Justice will begin enforcing its new “Bulk Sensitive Data Rule,” a sweeping regulation aimed at restricting the transfer and storage of sensitive U.S. personal and...more
The Illinois Supreme Court unanimously ruled that the exclusivity provisions of the Workers’ Compensation Act do not bar a claim for statutory damages under the Biometric Information Privacy Act (BIPA). In so doing, the Court...more
An Illinois appellate court has ruled that Apple’s biometric unlock features, including Touch ID fingerprint scanning and Face ID facial geometry scanning, do not violate the state’s Biometric Information Privacy Act (BIPA)....more
Does your company use fingerprinting or some facial recognition scanner as part of its clock-in, clock-out process? If your company has facilities or even some contacts with Illinois (and maybe other states in the future) you...more
Last week, a federal court in Illinois ruled that the Illinois Biometric Information Privacy Act (BIPA) (740 ILCS § 14/1 et seq.) can apply to companies that do not exclusively control consumers’ biometric data, denying an...more
Back in November, I wrote on this blog about Big Data being one of the challenges that is forcing technology to move more to the data sooner in the discovery process. One of the most notable fun facts that illustrate just how...more
On November 3, 2020 California voters approved the California Privacy Rights Act (CPRA) by a healthy margin. As we discussed last year, the CPRA addresses several perceived loopholes in the California Consumer Privacy Act...more
Organizations of all sizes and industries benefit from a comprehensive data retention policy. Between a sprawl of cloud-based apps and industry guidelines and laws, outlining what data needs to be stored, how it needs to be...more
Every organization needs to develop an effective data retention policy to gain visibility and control over its information. But given the increasing complexity of today’s data systems and the constantly evolving regulatory...more
The use of biometric-enabled devices has become ubiquitous in the modern workplace. Biometric time clocks offer employers an accurate and reliable way to track employees’ hours, while increasing accountability. Biometric...more
It’s tough complying with data privacy laws. You spend gazillions of dollars complying with GDPR, and then you have to spend a bunch more in response to the California Consumer Privacy Act (CCPA). Job done, right? Not...more
The words “hodgepodge” and “patchwork” are overused in the world of risk and compliance, but they’re certainly appropriate for describing the myriad data privacy regulations popping up around the world. In 2018, the world...more
In this day, data is often one of the most valuable assets companies have and it needs to be protected as such. Guarding data has become crucial for every business, no matter the size and industry. In the first half of 2019,...more
A few weeks ago, Texas signed into law an amendment to its data breach law, capping off a busy first half of 2019 for state lawmakers in this arena. As we gear up for the second half of 2019, we thought a recap was...more
The FTC has entered into a settlement with LightYear Dealer Technologies, doing business as DealerBuilt, a technology company that develops and sells dealer management system (DMS) software and data processing services to...more
On January 25, 2019, the Illinois State Supreme Court ruled that the state’s Biometric Information Privacy Act (BIPA) only requires individuals to show violation of the law to bring suit. Businesses with a presence in...more
The Illinois Supreme Court recently handed down its much-anticipated decision in Rosenbach v. Six Flags Entertainment Corporation et al., clarifying what makes someone “aggrieved” and able to bring a claim under the Illinois...more
The Pennsylvania Supreme Court recently held that employers have “a legal duty to safeguard” the personal data of their employees which is stored on internet-accessible computer systems and that the economic loss doctrine...more
Many of the most popular mobile apps collect personally identifiable information. Although most app developers are not required to display a privacy policy under federal law, they are contractually required to do so pursuant...more
Issues of digital privacy are multi-faceted and extend far beyond the now-routine data breaches that make headlines. The digital collection, use, and storage of biometric information (fingerprints, retinal or iris scans,...more