All posts by "Marci Rozen" →

About Marci Rozen

Marci Rozen

Marci counsels companies on a wide variety of issues involving privacy, cybersecurity, and information law. She routinely helps companies evaluate and develop corporate privacy and information security programs, and provides advice on matters involving cross-border data transfers, insider threat prevention and detection, cloud computing, and electronic surveillance. Marci also assist clients in responding to data breaches, including issuing breach notifications required under state and federal breach notification laws, advising on remediation efforts, and handling litigation and enforcement actions arising from data security incidents.

Recent Posts

Arkansas has updated its breach notification law to expand the definition of “personal information” and to require notifying the Arkansas Attorney General when a breach involves more than 1,000 individuals’ personal information. On April 15, 2019, Governor...

Read More →

While many companies are struggling to make sense of the California Consumer Privacy Act (“CCPA”) (see our prior posts here and here) and roll out their CCPA compliance programs, the California Assembly Privacy and Consumer Protection Committee...

Read More →

The North Carolina Attorney General’s Office issued a letter to Google on October 11th demanding that the company answer questions about the recent breach affecting its Google+ network. The NC AG’s inquiry signals that companies...

Read More →

Note: SB 1121 was signed into law on September 23, 2018. On August 31, 2018, the California legislature unanimously passed a bill, SB 1121, amending the California Consumer Privacy Act (“CCPA”). While the bill does...

Read More →

California has enacted the California Consumer Privacy Act of 2018 (AB 375) (the “Act”), which grants California residents a number of rights that, in some ways, reflect those provided under the EU General Data Protection...

Read More →

Since at least fall of 2017, the Department of Education (“ED”) has expected institutions of higher education to report data breaches directly to the department on the same day a breach is discovered – or...

Read More →

Like most reading this article, we have been very busy over the last couple of years preparing our clients for the EU General Data Protection Regulation (“GDPR”). In advising companies that range from start-ups to...

Read More →

Selecting appropriate contract clauses is a key strategy for managing security risks with vendors. Security provisions in vendor contracts should be tailored to the risks posed by the specific engagement, the supply chain for the...

Read More →

S3 Buckets: Not so Simple?

September 5, 2017 | 0 Comments

Uber has agreed to settle a complaint stemming from allegations that the ride-hailing company made deceptive claims concerning its data security practices following a 2014 data breach. The data breach in question affected an Amazon...

Read More →

Podcast: Data Do, Data Don’t

August 16, 2017 | 0 Comments

Most websites and apps collect information from its users. But are you doing it in a legally-compliant way? We won’t be taking over any New Year’s countdowns, but listen to our radio-ready voices as we...

Read More →