No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
Data breaches have become a serious issue for businesses, leading to numerous putative class action lawsuits alleging that the defendants failed to prevent the unauthorized disclosure of personally identifiable information or...more
The Western District of Pennsylvania recently granted Spirit Airlines, Inc. (“Spirit Airlines”)’s Rule 12(b)(1) motion to dismiss a class action brought by a putative class of plaintiffs who visited Spirit Airlines’ website...more
On June 30, the U.S. Court of Appeals for the First Circuit overruled a district court’s dismissal of a putative class action against a home delivery pharmacy service for allegedly failing to prevent a 2021 data breach that...more
On July 11, a split U.S. Court of Appeals for the Eleventh Circuit partially vacated the greenlighting of two data breach class actions, holding that a district court must re-analyze the boundaries of the classes. Both the...more
A federal appeals court recently addressed whether employees had standing to bring a lawsuit when their personally identifiable information (PII) was inadvertently circulated to other employees at the company, with no...more
CYBERSECURITY - Health and Personal Information of N.C. Residents Posted Online by Ransomware Group - Becker’s Health IT reports that two batches of sensitive information of Chatham County, N.C. residents have been posted...more
After the California Consumer Privacy Act (CCPA) took effect on January 1, 2020, a surge of class action lawsuits predicated on alleged CCPA violations hit businesses. Because of the act’s novelty, it was unclear whether...more
Today, data breaches continue to proliferate at a rapid pace, often spurring consumer class action litigation in their wake. Oftentimes, a successful data breach suit can empty a corporate defendant’s coffers. For example,...more
In what some are calling a “bombshell” decision, the 7th Circuit Court of Appeals recently held in Bryant v. Compass Group USA, Inc. that federal courts can now hear cases involving alleged violations of the Illinois...more
On May 5, 2020, the Seventh Circuit held in Bryant v. Compass Group USA, Inc. that a plaintiff who asserted a violation of the Illinois Biometric Information Privacy Act’s (“BIPA’s”) notice and consent requirements had...more
Seyfarth Synopsis: Plaintiffs’ lawyers reached a landmark $550 million settlement in January 2020 in a lawsuit against Facebook by consumers in a class action brought under the Illinois Biometric Information Privacy Act (the...more
On January 21, 2020, the U.S. Supreme Court denied Facebook’s petition for a writ of certiorari to consider whether consumers alleged a sufficiently concrete injury-in-fact in a biometric privacy lawsuit. A group of...more
Seyfarth Synopsis: On January 29, 2020, Facebook announced that it had reached a settlement with plaintiffs in a class action brought under the Illinois Biometric Information Privacy Act (the “BIPA”) in the U.S. District...more
The rapid adoption of biometric technology—designed to measure unique human biological characteristics, like fingerprints, voiceprints, and hand or face scans—has led to a surge of consumer class actions alleging violations...more
The Ninth Circuit has issued its much-anticipated decision in a class action against Facebook involving alleged biometric privacy violations, affirming certification of a class. In Patel v. Facebook, the Northern District of...more
Recently, the Ninth Circuit Court of Appeals held that an Illinois class of Facebook users can pursue a class action lawsuit arising out of Facebook’s use of facial scanning technology....more
In an important opinion, the Ninth Circuit affirmed a lower court’s ruling that plaintiffs in the ongoing Facebook biometric privacy class action have alleged a concrete injury-in-fact to confer Article III standing and that...more
Once the California Consumer Privacy Act (CCPA) takes effect on January 1, 2020, the California courts will be inundated with a litany of interpretive questions. One that will no doubt surface concerns the proper...more
In its first ever ruling concerning the state’s Biometric Information Privacy Act (“BIPA”), Illinois Supreme Court held that a person need not have sustained actual damage beyond technical violations of BIPA in order to...more
In a unanimous decision, the Illinois Supreme Court found that a Six Flags pass holder had a valid claim as an “aggrieved person” under the Illinois Biometric Privacy Act of 2008 (“BIPA”), hence having the right to bring an...more
A recent decision from the Supreme Court of Illinois heightens the risks faced by companies collecting biometric information by holding that an individual who is the subject of a violation of Illinois’ Biometric Information...more
As the number and scale of cases involving the theft or loss of personal information grows, so does the number of plaintiffs filing suit as a result. One of the most difficult hurdles for these plaintiffs to clear is the...more
The Illinois’ Biometric Information Privacy Act (740 ILCS 14/1 et seq.) (BIPA) requires that companies obtain written consent and disclose how they collect, retain, disclose and destroy biometric identifiers such as retina or...more
Since the passage of the Illinois Biometric Information Privacy Act (BIPA) in 2008, it has been used by plaintiffs’ attorneys to sue companies that use biometric identification technologies. Many BIPA cases have failed...more