No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
On April 16, the U.S. District Court for the District of Columbia granted in part and denied in part the defendants’ motion to dismiss a case involving claims that DOGE and several federal agencies (including the DOL, the...more
The Federal Aviation Administration (FAA) recently announced a process by which private aircraft owners and operators may electronically request that the FAA withhold their aircraft registration information from public view....more
Virginia recently amended its Consumer Protection Act (the Act) to provide enhanced protection for reproductive and sexual health information. These protections take effect on July 1, 2025. The amendment prohibits a...more
On March 24, 2025, the governor of Virginia signed into law Senate Bill 754, which amends the Virginia Consumer Protection Act (VCPA) to restrict the collection, use, sale, or sharing of personally identifiable reproductive...more
As required by the Federal Aviation Administration (FAA) Reauthorization Act of 2024, codified at 49 U.S.C. § 44114(b), the FAA implemented Section 803 Data Privacy (and issued a notice describing such implementation) on...more
Much like Blockbuster Video rental stores (of which you might be surprised to learn there is still one remaining), the Video Privacy Protection Act (VPPA) was quietly slipping into obsolescence with the advent of the Internet...more
For community associations, this is especially important as these organizations often manage large amounts of PII of homeowners and residents (e.g., name, address, phone number, etc.), including certain categories of...more
Privacy pros are passionate about doing good work, in every sense of the word. Yes, we care about managing privacy as thoroughly and efficiently as possible (and not getting fined). But we are all in this line of work for a...more
On February 14, 2025, in Therrien v. Hearst Television, Inc., the District of Massachusetts denied a motion for class certification due to the plaintiff’s failure to meet the implied ascertainability requirement of Rule 23....more
The recent decision by the Commission d’accès à l’information du Québec (CAI) regarding a popular grocer’s biometric data project in Quebec has far-reaching implications for other businesses considering or currently using...more
On March 12, 2025, the California Privacy Protection Agency (the Agency) announced a settlement with American Honda Motor Company, Inc. (Honda) for multiple violations of the California Consumer Privacy Act (CCPA),...more
In a notable development for corporate defendants grappling with consumer privacy litigation, the Southern District of New York has recently issued a decision in Lee v. Springer Nature America, Inc., embracing a broadened...more
Last week, two separate class actions were filed in the federal district court for the Southern District of Texas against DISA Global Solutions (DISA), a third-party employment screening services provider, related to an April...more
In the waning days of the Biden administration, the FTC published an update to its COPPA Privacy Rule. The status of this update, however, is unclear. The revisions to the rule were posted on the FTC website prior to the...more
The Department of Government Efficiency’s (DOGE) staggering unfettered access to all Americans’ personal information is highly concerning. DOGE employees’ access includes databases at the Office of Personnel Management, the...more
According to a highly critical article recently published by TechCrunch, the Department of Government Efficiency (DOGE), President Trump’s advisory board headed by Elon Musk, has “taken control of top federal departments and...more
The Video Privacy Protection Act (“VPPA”), a federal statute enacted in 1988, is gaining new relevance in recent years as plaintiffs bring lawsuits with the goal of enforcing online privacy rights. 2024 saw a continuation of...more
Businesses need data from consumers, and the sharing and selling of this resource has become quite common. However, you also need to be mindful of the rights of the people whose data you collect, especially their personally...more
New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
AI algorithms are driven by data – lots and lots of data. One of the challenges associated with so much data driving AI algorithms is that at least some of that data may be sensitive individual personal data. In fact, the...more
Some businesses might be surprised to learn that digital wiretapping litigation claims are one of today’s fastest-growing compliance risks, with over 1,560 lawsuits filed in 28 states since a groundbreaking 2022 decision...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
The California Privacy Protection Agency’s (CPPA) new data broker regulations took effect on December 27, 2024. They are now in effect during the CPPA’s annual data broker registration period, which lasts from January 1 to...more