No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
As required by the Federal Aviation Administration (FAA) Reauthorization Act of 2024, codified at 49 U.S.C. § 44114(b), the FAA implemented Section 803 Data Privacy (and issued a notice describing such implementation) on...more
Privacy pros are passionate about doing good work, in every sense of the word. Yes, we care about managing privacy as thoroughly and efficiently as possible (and not getting fined). But we are all in this line of work for a...more
In a notable development for corporate defendants grappling with consumer privacy litigation, the Southern District of New York has recently issued a decision in Lee v. Springer Nature America, Inc., embracing a broadened...more
Last week, two separate class actions were filed in the federal district court for the Southern District of Texas against DISA Global Solutions (DISA), a third-party employment screening services provider, related to an April...more
New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
Introduction - Below is a brief outline of the legal regulation of personal protection in Ukraine. Governing Data Protection Legislation - 2.1. Overview of principal legislation - The main legal act governing...more
Readers of this blog are well aware of the recent surge in data privacy litigation. In February 2024, Atlas Data Privacy Corporation (“Atlas Data”), a consumer data protection company, filed over 100 lawsuits in the State of...more
Plaintiffs look to the past to take action against modern web tracking - As states rapidly enact new consumer privacy legislation, businesses have been working tirelessly to comply with extensive new data protection...more
Keypoint: The past two months have seen many courts dismiss privacy claims as judges appear to be more critical of plaintiffs’ theories while other judges have allowed cases to proceed past the motion to dismiss stage....more
Personal information from federal lawmakers and congressional staff members was available on the dark web following a breach of DC Health Link, the health insurance marketplace for Washington, D.C. In an internal memo sent to...more
The year 2023 will continue to have cybersecurity and data privacy front of mind for General Counsels. With sweeping new US and global laws and regulations coming online and the California Privacy Protection Agency (CPPA)...more
When engaging in a tech transaction, you must know your obligations under data privacy laws. First and foremost, it’s critical to consider whether “personal information”—a broad term that encompasses many types of data—is...more
While the federal government attempts to move forward with a more uniform national law, Connecticut joined California, Colorado, Utah, and Virginia in passing a comprehensive consumer privacy law....more
On November 1, 2021, the Personal Information Protection Law of the People’s Republic of China (the “PRC”) (the “Personal Information Protection Law”) went into effect, two months after the Data Security Law of the PRC (the...more
Though it was not long ago that resolutions of California Consumer Privacy Act (CCPA) readiness ushered in the new year, ‘tis the season once again to deck the halls with privacy compliance checklists. Retailers doing...more
China recently enacted its Personal Information Privacy Law (PIPL), which came into effect November 1, 2021. PIPL has global reach and broadly regulates entities of all industries that process the personal data of Chinese...more
On August 20, the People’s Republic of China became the latest global economic powerhouse to pass an omnibus privacy law. Titled the Personal Information Protection Law (“PIPL”), the law was adopted by the Standing Committee...more
Federal Privacy Commissioner Calls for Stronger Privacy Protections in Bill C-11 - In November 2020, the federal government tabled Bill C-11, the proposed new private-sector privacy law that would replace the current...more
On March 15, 2021, the California Attorney General (AG) issued further amendments to the implementing regulations of the California Consumer Privacy Act (CCPA), clarifying how a business must facilitate a consumer’s exercise...more
CCPA / CPRA for US and EU businesses - Deep dive on CCPA's impact on European Businesses: A webinar for German and European businesses. Main Topics - Is my business affected by CCPA and why? - I am already GDPR...more
On November 3, 2020, California voters convincingly approved the California Privacy Rights Act (“CPRA”) ballot initiative. The CPRA builds upon and amends the California Consumer Protection Act (“CCPA”), aligning it more with...more
Pandemic, economic freefall, and unfamiliar regulatory constraints are buffeting U.S. businesses, and California is poised to add even more privacy obligations. In November of 2017, more than 629,000 California voters...more
Shortly after the January 1, 2020 effective date of the California Consumer Privacy Act (“CCPA”), the California Attorney General’s Office released an Advisory reminding California consumers of their rights under the CCPA. ...more
The holidays are over. 2020 is upon us. And for American businesses with any connection to California, this means one thing: the California Consumer Privacy Act (CCPA), America’s version of GDPR is here. It is a phased...more