No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: Information Governance and eDiscovery - Key Compliance Issues for In-House Counsel
The recent $30 million settlement between 23andMe and 6.4 million users following a major data breach offers important lessons for businesses dealing with sensitive genetic and genomic information....more
Lehigh Valley Health Network (LVHN) has agreed to settle a class action filed against it following a February 2023 ransomware attack that compromised personal information of patients, including medical and treatment...more
Patreon, a popular platform connecting creators with their fans, has recently agreed to a $7.2 million settlement to end a legal battle concerning the Video Privacy Protection Act (VPPA)....more
The State of Texas and Meta Platforms Inc. (“Meta”) have agreed to a $1.4 billion settlement, to be paid out over five years, to resolve claims relating to Meta’s alleged use of facial recognition technology without user...more
DoorDash, Inc. recently settled with the California Attorney General for alleged violations of the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA). This is only the second...more
Multi-employer plan participants involved in an Employee Retirement Income Security Act of 1974 (ERISA) class action lawsuit against Horizon Actuarial Services LLC (Horizon), a national retirement services firm, have entered...more
Convergent Outsourcing Inc., a debt-collection agency, settled a data breach class action in the U.S. District Court for the Western District of Washington for $2.45 million. The class action suit against Convergent alleged...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
State regulators across the country continue to increase their focus on cyber security and data privacy compliance and enforcement. For years, cloud company Blackbaud, a service provider to thousands of nonprofit enterprises,...more
On January 4, the U.S. District Court for the Northern District of Texas granted final approval of an $11 million class action settlement resolving allegations related to a February 2021 data breach that compromised more than...more
On January 9, the U.S. District Court for the District of New Mexico granted preliminary approval of a class action settlement in a data breach suit that allegedly compromised approximately 191,000 individuals’ personally...more
The average cost of a data breach is on the rise. According to the 2022 ForgeRock Consumer Identity Breach Report, the average cost in 2021 of recovering from a data breach in the U.S. is $9.5 million — an increase of 16%...more
On August 24, the California Attorney General (“AG”) announced its first enforcement settlement under the California Consumer Privacy Act (“CCPA”). The $1.2M fine with an international retailer settled claims that the...more
On August 24, 2022, California Attorney General Rob Bonta announced a $1.2 million dollar settlement with Sephora to account for alleged violations of the California Consumer Privacy Act (CCPA). This is the first CCPA...more
On 24 August 2022, the California Attorney General announced a US$1.2 million settlement including injunctive relief terms with cosmetic giant Sephora, Inc. (Sephora), resolving allegations that the company violated the...more
The State Attorneys General in New York and New Jersey recently settled with four companies over alleged HIPAA noncompliance following phishing attacks. The New Jersey settlements were brought against three NJ-based cancer...more
Kronos, Inc., has agreed to (and a federal judge has preliminarily approved) a $15.3 million settlement to resolve claims that it violated the Illinois Biometric Information Privacy Act (BIPA) by collecting biometric...more
The saga of the Capital One data breach, which impacted an estimated 106 million individuals in the U.S. and Canada, may soon be coming to an end. After more than two years of litigation, the parties have reached a settlement...more
The FTC recently settled with Ascension Data & Analytics for failure to oversee service providers. Ascension provides services to mortgage companies within its corporate family of entities. According to the complaint,...more
On December 15, 2020, the FTC announced a proposed settlement with Ascension Data & Analytics, LLC, a mortgage industry analytics company, related to alleged violations of the Gramm-Leach-Bliley Act’s (GLBA) Safeguards Rule....more
California Attorney General Xavier Becerra charged Glow, Inc. (Glow), a fertility health app, with privacy and basic security failures that allegedly put women’s “deeply-sensitive” personal and medical information at risk....more
On November 9, 2020, the United States Federal Trade Commission (FTC) announced that it had entered into a consent agreement, subject to final approval, with videoconferencing company Zoom Video Communications, Inc. (Zoom)....more
New Jersey Attorney General (AG) Gurbir S. Grewal announced on November 2, 2020, that his office has settled with ShopRite’s parent company, Wakefern Food Corp. (Wakefern) and two of its supermarket entities for $235,000 for...more
In a continuation of its recent enforcement streak, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced two new HIPAA settlements last week. The first settlement is with Aetna Life...more
Health insurer Anthem, Inc. has finally reached a settlement with a coalition of 41 states plus the District of Columbia, and a separate settlement with California, to resolve state attorney general investigations of a data...more