No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
In a notable development for corporate defendants grappling with consumer privacy litigation, the Southern District of New York has recently issued a decision in Lee v. Springer Nature America, Inc., embracing a broadened...more
The PRC National Technical Committee 260 on Cybersecurity of SAC (“TC260”) published new Guidelines on Identifying Sensitive Personal Information (“Guidelines”) on 18 September 2024, nearly three months after it released the...more
Introduction - Illinois has enacted laws addressing rights and obligations related to data privacy. Companies and organizations that handle, collect, disseminate, or otherwise deal in nonpublic information have a number of...more
U.S. Senator Maria Cantwell (D-WA) and U.S. Representative Cathy McMorris Rodgers (R-WA) have made a breakthrough by agreeing on a bipartisan data privacy legislation proposal. The legislation aims to address concerns related...more
On March 7, 2024, a bipartisan coalition of 43 state attorneys general sent to the Federal Trade Commission (“FTC”) a letter urging the FTC to update the regulations (“COPPA Rules”) implementing the Children’s Online Privacy...more
On October 10, Governor Newsom signed the Delete Act ( SB 362) into law, which amends California's current data broker law to impose extensive additional disclosure and registration requirements on data brokers, and to...more
This year has seen a tremendous spike in the number of cases alleging violations of the Video Privacy Protection Act (“VPPA”), 18 U.S.C. § 2710, a statute enacted in 1988 in response to the Washington City Paper’s publication...more
On May 11, 2023, Tennessee became the eighth state to join the most recent trend in state legislation when Governor Lee signed the Tennessee Information Protection Act (TIPA) into law. Tennessee follows other states that...more
Five former Memphis-based hospital employees and another man have pled guilty to unlawfully disclosing patient information in violation of HIPAA, U.S. Attorney for the Western District of Tennessee Kevin Ritz announced....more
The year 2023 will continue to have cybersecurity and data privacy front of mind for General Counsels. With sweeping new US and global laws and regulations coming online and the California Privacy Protection Agency (CPPA)...more
On November 1, 2021, the Personal Information Protection Law of the People’s Republic of China (the “PRC”) (the “Personal Information Protection Law”) went into effect, two months after the Data Security Law of the PRC (the...more
Though it was not long ago that resolutions of California Consumer Privacy Act (CCPA) readiness ushered in the new year, ‘tis the season once again to deck the halls with privacy compliance checklists. Retailers doing...more
China recently enacted its Personal Information Privacy Law (PIPL), which came into effect November 1, 2021. PIPL has global reach and broadly regulates entities of all industries that process the personal data of Chinese...more
On March 15, 2021, the California Attorney General (AG) issued further amendments to the implementing regulations of the California Consumer Privacy Act (CCPA), clarifying how a business must facilitate a consumer’s exercise...more
Big data can mean big problems in the ediscovery and compliance world – and those problems can be exponentially more complicated when personal data is involved. Sifting through terabytes of data to ensure that all personal...more
On November 3, 2020, California voters convincingly approved the California Privacy Rights Act (“CPRA”) ballot initiative. The CPRA builds upon and amends the California Consumer Protection Act (“CCPA”), aligning it more with...more
Google has recently been named in three lawsuits that challenge how it collects users' personal information and whether users can opt out of the collection. Each of these cases raises important issues relating to notice and...more
As more organizations find themselves under scrutiny for the way they collect and use consumer data, maintaining CCPA compliance has never been more important. CCPA has been introduced to give control back to consumers,...more
1 All section references, unless otherwise stated, refer to the corresponding sections in the Ballot Initiative located in the hyperlinked text. 2 See Section 31(a). 3 See Section 31(a). 4 See Section 31(c)....more
Regulations implementing the California Consumer Privacy Act (CCPA) became final last week, following approval by the California Office of Administrative Law (OAL). While four provisions from the final regulations were...more
On August 14, 2020, the California Office of Administrative Law (OAL) approved the final California Consumer Privacy Act (CCPA) regulations that were submitted by the California Attorney General (AG) on June 1, 2020. The...more
Pandemic, economic freefall, and unfamiliar regulatory constraints are buffeting U.S. businesses, and California is poised to add even more privacy obligations. In November of 2017, more than 629,000 California voters...more
Shortly after the January 1, 2020 effective date of the California Consumer Privacy Act (“CCPA”), the California Attorney General’s Office released an Advisory reminding California consumers of their rights under the CCPA. ...more
As 2019 has become 2020, many businesses - including financial institutions - are rightly focused on setting up their CCPA compliance structures. But those businesses also should consider a separate yet related law passed by...more
The holidays are over. 2020 is upon us. And for American businesses with any connection to California, this means one thing: the California Consumer Privacy Act (CCPA), America’s version of GDPR is here. It is a phased...more