Photo of Tracy Marshall

Tracy Marshall

Subscribe to Tracy Marshall's Posts

Tracy Marshall counsels international and domestic for-profit and non-profit clients on a range of privacy, data security, advertising, promotions, and intellectual property matters. She also advises on general corporate and transactional matters.

Tracy assists clients with compliance and advocates on their behalf. She is a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals (IAPP) and helps clients implement privacy, data security, and security breach response programs, develop internal and public-facing privacy policies to comply with applicable laws, respond to cyber and data security incidents, and manage relationships with service providers and third parties. Tracy advises on structuring and conducting email and text messaging campaigns, sweepstakes, contests, and other promotions, and she helps clients protect and enforce their intellectual property rights.

In addition, Tracy counsels clients on corporate matters and assists with structuring and negotiating a variety of transactions, including licensing, marketing, and outsourcing arrangements.

Tracy is frequently invited to speak at privacy, data security, telecommunications, and advertising conferences and is a contributor to Keller and Heckman’s Consumer Protection Connection blog and Beyond Telecom Law Blog.

To learn more about Tracy's practice areas, click here.
Follow:Read more about Tracy MarshallTracy's Linkedin Profile

On February 23, 2026, the Federal Trade Commission (FTC) and Department of Justice (DOJ) Antitrust Division launched a joint public inquiry, inviting comments on whether new antitrust guidance for business collaborations is needed and what content such guidance should cover for “a range of collaborations utilized to drive innovation and promote competition in the

On February 25, 2026, the Federal Trade Commission (FTC) released an important children’s privacy enforcement discretion statement: COPPA – Enforcement Policy Statement Promoting the Adoption of Age-Verification Technology. Age verification of minors is an increasingly hot topic in children’s privacy law, as several states recently adopted laws requiring companies to conduct age verification before

As we discussed in Part 1 of this series, while the Children’s Online Privacy Protection Act (COPPA) remains the primary federal law protecting children’s online privacy, there is a growing patchwork of state laws aimed at protecting both children and teens online. These laws identify a variety of potential harms, but many of them expand

As we look back at key privacy developments during 2025, one thing is clear: it was all about kids and teens. That trend seems likely to continue in 2026. The problem is, while there are very real concerns about the impact of online content and social media engagements on young people, legislative solutions – well-intentioned

Businesses making negative option or auto-renewal subscription offers, beware: Federal Trade Commission (FTC or Commission) enforcement is alive and well in 2025. Although the U.S. Court of Appeals for the Eighth Circuit struck down the FTC’s much-criticized Biden-era “click to cancel” rule earlier this summer, on September 25, 2025 the FTC announced that Amazon.com, Inc.

Google and two Disney companies recently settled lawsuits alleging that the companies violated children’s privacy laws, once again demonstrating a heightened interest in protecting children online and putting content creators and channel owners on notice that they will be subject to strict liability for violations of federal and state privacy laws. On August 18, 2025

A new year. A new administration in Washington. While protecting kids and teens is likely to remain an issue that drives legislation, litigation, and policy discussions in 2025, issuance of 1,000 Executive Orders on day one of the Trump Administration may result in new or changed priorities and some delay in the effective date of