No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
Artificial intelligence (AI), particularly generative AI, thrives on vast amounts of data, fueling AI capabilities, insights, and predictions. But with this reliance on data comes potential privacy and security risks. And...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
The country’s largest provider of cloud-based education software for K-12 schools announced on January 7 that it fell victim to a massive data breach – which may lead to questions about the implications for your school....more
First passed into law in 2018, the California Consumer Privacy Act (CCPA) received its first major update in 2020 by way of the California Privacy Rights Act (CPRA), through which the California Privacy Protection Agency...more
How could an obscure privacy law from 1988 majorly disrupt online video streaming as we know it and make tech giants like Meta and Netflix targets of class action lawsuits?...more
Four years after the Brazilian General Data Protection Law (LGPD) came into force, Brazil’s Superior Court of Justice (STJ) recently issued a list of precedents exploring how the court applied the law and addressed the...more
On Sept. 17, the Federal Communications Commission (FCC) announced that it has reached a Consent Decree with AT&T Services Inc. to resolve an investigation into a data breach that occurred in January 2023. AT&T's vendor...more
Corporations face unprecedented challenges in safeguarding sensitive data and mitigating privacy risks in an era marked by the rapid proliferation of Internet of Things, or IoT, devices....more
Rhode Island is the latest state to enact consumer privacy legislation. The Rhode Island Transparency and Privacy Protection Act (the "Act"), which passed into law on June 28, 2024, establishes a framework for controlling and...more
Keypoint: While the act does not include many provisions found in the more recent consumer data privacy laws, it would expand privacy notice obligations in one significant way although the applicability and scope of that...more
The Illinois General Assembly recently passed Senate Bill 2979 (SB 2979), an important piece of legislation that makes several much-needed amendments to the Illinois Biometric Information Privacy Act (BIPA). SB 2979 is now at...more
Editor’s Note: In this informative webcast, Christopher Wall, DPO and Special Counsel for Global Privacy and Forensics at HaystackID, moderates a compelling discussion titled “From Breach to Insight: Incident Response and PII...more
As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more
On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more
Keypoint: Nebraska is the seventeenth state legislature to pass consumer data privacy legislation with a bill that largely tracks the Texas Data Privacy and Security Act. On April 11, 2024, the Nebraska legislature passed...more
President Biden issued an Executive Order last month calling on the DOJ and relevant government agencies to tighten regulations on bulk data transfers to “countries of concern.” In late February, President Biden issued...more
As the health care industry continues reeling from the recent Change Healthcare ransomware attack that crippled large portions of the U.S. health care system, health care providers are naturally reminded of the importance of...more
NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
Employers looking to enhance their suite of employee benefit programs, and focused on lessons learned during the pandemic on wellbeing, are interested in providing greater access to wellness tools. And, the vendors who...more
The FCC has significantly expanded telecommunications carriers’ data breach notification and reporting obligations. Telecommunications carriers, including Voice over Internet Protocol (VoIP) services, and telecommunications...more
CYBERSECURITY - Hackers Steal $4.4M Crypto Using Data Linked to LastPass Breach - According to Bleeping Computer, crypto fraud researchers at ZachXBT, and MetaMask developer Taylor Monahan have reported that on October 25,...more
Jessica Gulick is a woman of many trades. She is the founder and CEO of the cyber marketing firm Katzcy, the founder and commissioner of the US Cyber Games, and a trailblazer who is working to make cybersecurity a sport that...more
Popular file transfer tool MOVEit’s recent data security vulnerability prompted many businesses to communicate, internally and externally, about the impact of the incident on its business. Originally published in Law360 -...more
U.S.-based multinationals with employees in the People’s Republic of China (PRC) are confronting a November 30 deadline to implement China’s new cross-border data transfer mechanism—the Standard Contract. This implementation...more