Consent becoming a forceful defense at the motion to dismiss stage in privacy claims
7/2/25
By: Justin J. Boron and Michael R. Brown
In data privacy litigation, consent has traditionally been a fact-heavy issue decided at later stages of litigation. But recent rulings from federal courts suggest that this may be changing. In a shift …
The new sheriff in town has officially arrived: Texas governor signed legislature’s Texas Responsible AI Governance Act
6/24/25
By: Danielle A. Ocampo
It’s official: There’s a new sheriff in town when it comes to regulating the wild west of AI Governance that will arguably be the toughest in the nation. Texas Governor Greg Abbott signed the Texas Responsible AI …
Data doesn’t disappear. It just goes dark
6/12/25
By: Alexander L. Tang
Personally identifiable information, protected health information and other sensitive data don’t go into a black hole after they’re stolen. It goes on the Dark Web, which has become a reliable repository of PII and PHI. The …
A new sheriff in town?: Texas legislature passes the Texas Responsible AI Governance Act
6/11/25
By: Danielle A. Ocampo
There’s a new sheriff in town when it comes to regulating the wild west of AI Governance. The Texas legislature passed a new comprehensive AI law, H.B. 149, the Texas Responsible AI Governance Act (TRAIGA)…
Labcorp v. Davis: Pivotal SCOTUS decision may reshape the future of data breach class actions
5/30/25
By: Justin J. Boron, David A. Cole, Fredrick A. Hagen and Kevin M. Ringel
The future of data breach and consumer privacy class actions may hinge on the U.S. Supreme Court’s forthcoming decision in Labcorp v. Davis. …
Data tracking claims taking shape under CIPA
5/15/25
By: Justin J. Boron and Michael R. Brown
Whether by settlement or early dismissal, data-tracking claims have avoided significant judicial scrutiny. But the Torres v. Prudential Financial Inc. decision presents a result that could shape how these matters are litigated …
Why picking up the phone isn’t enough – The growing importance of creating and following strict internal rules to avoid cyber and professional liability
4/14/25
By: James G. Bozza and Kevin R. Stone
A Connecticut court recently found a law firm liable for failing to protect its email system following a breach, which led to a fraudster obtaining funds intended to finalize a real estate …
Key updates to CCPA fines and penalties for 2025
1/8/25
By: David A. Cole and Danielle A. Ocampo
The California Privacy Protection Agency (CPPA) has announced significant updates to the fines and penalties under the California Consumer Privacy Act (CCPA), effective January 1, 2025. These changes are part of the …
The price of consumer data: Marriott, Starwood, and the Federal Trade Commission
11/20/24
By: Zohar Peleg
On October 9, 2024, Marriott International, Inc. and its subsidiary, Starwood Hotels & Resorts Worldwide, LLC (collectively “Marriott”) agreed to a proposed settlement1 with the Federal Trade Commission (“FTC”) and a coalition of forty-nine state attorneys …
CrowdStrike-Delta lessons for third-party risk management
11/12/24
By: Danielle A. Ocampo
The world cannot unsee images of the “blue screen of death” across millions of Windows devices on July 19, 2024.1 CrowdStrike, an American Cybersecurity SaaS provider of its Falcon endpoint detection product, released a defective …
FMG’s Top 5 Cybersecurity Awareness Month tips to avoid “spooks and spoofs”
10/22/24
By: Danielle A. Ocampo
October is Cybersecurity Awareness Month, which means this month (like every month!) is a great opportunity for organizations to focus on their data security and privacy practices. Through our representation of businesses of all types and …
DOJ delivers new guidance on AI in compliance programs
10/8/24
By: Matthew P. Delfino
On Monday, September 23, 2024, the Department of Justice (“DOJ”) released updated guidelines for prosecutors evaluating corporate compliance programs, including those employing AI systems. This update follows the public statements made by Deputy Attorney General Lisa …