Blog

Big Tech: What They Say vs. What They Do

This post is authored by Matthew Bonner, a third-year student at Drexel University’s Thomas R. Kline School of Law. Mr. Bonner is a legal-intern with the XPAN Law Group. In the wake of the GDPR’s enactment,  various leaders within the tech industry responded to calls for data privacy regulation in the United States. In October […]

Take Another Look at New Jersey: Data Breach Notification Law is Expanded

Across this country, states are taking a hard look at data privacy and security, and making large scale revisions to their state regulations (California made headlines with the CCPA, but others closely followed suit, such as Washington, Massachusetts, Colorado . . . and the list goes on).   Like many states, New Jersey is getting […]

Takeaways From the FTC’s Annual Privacy and Data Security Update

By Antonia M. Dumas, an Associate at XPAN Law Group, LLC On March 15, 2019, the Federal Trade Commission (“FTC”) released its 2018 Privacy and Data Security Update (“Update”), an annual report summarizing its role and activity as the nation’s primary privacy and data security enforcer. For businesses, a key takeaway from the Update is […]

One Ring to Rule Them All

With large cyber breaches like Instagram, Target, and Equifax it isn’t a surprise that the National Association of Insurance Commissioners (NAIC) issued the Data Security Model Law (MDL-668) (the “Model Law”).  The Model Law heavily borrows from the New York Department of Financial Services (NYDFS) cybersecurity regulations that went into effect on March 1, 2017. […]

Congressional Report on Equifax Data Breach: A Lesson in Cybersecurity Complacency

By Michael A. Shapiro, Esq., an attorney with XPAN Law Group, LLC. In September of 2017, Equifax Inc., one of the largest consumer reporting agencies, announced that it suffered a data breach involving personally identifiable information (PII) of over 145 million Americans, almost half of the United States population. The stolen data included names, social […]

“Becoming reality: A Federal Data Privacy legislation in the United States”

By Carolin C. Brucker Cabe, LL.M., an Associate at XPAN Law Group, LLC. It has been a week full of hearings in Washington, D.C. and the subject matter of these couldn’t be of any more interest to anyone working in the Data Privacy Industry. Both the House and Senate held hearings this past week setting […]

Congratulations to XPAN Associate, Carolin Brucker Cabe, For Attaining the DPO Certification

The XPAN team is thrilled and proud to announce Associate, Carolin C. Brucker-Cabe, LLM‘s, attainment of the following “TÜV Nord” certification: “Datenschutzbeauftragter” (Data Protection Officer).   The “Datenschutzbeauftragter” (DPO) certification delivers comprehensive knowledge of the European Union’s General Data Protection Regulation (GDPR) as well as the German “Bundesdatenschutzgesetz (BDSG)” (Federal Data Protection Act). Further, it documents comprehensive […]

New Government Accountability Office Recommendations May Expand FTC Powers

This post is authored by Matthew Bonner, a third-year student at Drexel University’s Thomas R. Kline School of Law. Mr. Bonner is a legal-intern with the XPAN Law Group. Unlike the European Union, the United States still lacks an adequate federal framework to protect data users’ privacy rights. The GDPR provides landmark privacy rights for […]

A Guide to Protecting Your IoT Devices From Online Hackers

By Caitlyn Eltzholtz, Operations Manager at XPAN Law Group The Internet of Things As a millennial, my smartphone is virtually glued to my hand.  I will admit: I do not leave a room without bringing my phone with me, let alone leave the house without it.  In addition to our everyday devices such as smartphones, […]

Congratulations to XPAN Co-Founder, Jordan Fischer, For Becoming IAPP Certified

The XPAN team is thrilled and proud to announce Co-Founder and Managing Partner, Jordan L. Fischer, Esquire’s attainment of the following IAPP Certifications: the Certified Information Privacy Professional/Europe (CIPP/E) and the Certified Information Privacy Manager (CIPM).  These ANSI/ISO-accredited certifications provide an avenue to understand the GDPR, the role of a data protection officer and data […]