Photo of Tracy P. Marshall

Tracy P. Marshall

Subscribe to Tracy P. Marshall's Posts

Partner at Keller and Heckman LLP

Washington, DC

marshall@khlaw.com

+1 202.434.4234
To learn more about Tracy's practice areas, click here.
Follow:Read more about Tracy P. MarshallTracy's Linkedin Profile

How should companies respond to and report data security breaches nationally? What cybersecurity practices and procedures reflect current best practices? Two federal agency actions provide new rules and guidance and show that the cybersecurity landscape is changing. First, the U.S. Securities and Exchange Commission (SEC) adopted new rules earlier this month that will (among other

The Children’s Online Privacy Protection Act Rule (COPPA Rule) requires that online sites and services directed to children under 13 obtain parental consent before collecting or using children’s personal information and lists existing methods for such consent. Now the Federal Trade Commission (FTC) is seeking comments on whether it should expand its parental consent methods

When the California legislature passed the California Age-Appropriate Design Code Act (CAADCA or Act) AB 2273 in September of this year, it generated considerable controversy. Companies, trade associations, and even some non-governmental organizations questioned whether the law’s broad reach was not just counterproductive and likely to invade consumer privacy, but preempted by federal law and

Deceptive reviews and endorsements have been an increasing area of scrutiny by the Federal Trade Commission (FTC or Commission). In the last few years, the Commission has brought myriad complaints against companies for engaging in such practices. Last year, the FTC resurrected its long-dormant Penalty Offense Authority, warning more than 700 companies in a

At a press conference on August 11, 2022, the Federal Trade Commission (FTC or Commission) announced an Advance Notice of Proposed Rulemaking (ANPR), which was published, along with a fact sheet, to explore potential new rules governing what the FTC characterizes as prevalent “commercial surveillance” and “lax data security practices.” The FTC issued the

On May 12, 2022, the European Data Protection Board published guidelines with a methodology for calculating fines for violations of the General Data Protection Regulation (GDPR). These guidelines were subject to a public consultation until June 27, 2022.

Because these guidelines are likely to have an influence on future decisions by data protection authorities in

As we previously reported, the Federal Trade Commission (FTC) seeks comments on proposed updates to its Guides Concerning the Use of Endorsements and Testimonials in Advertising (Endorsement Guides). The FTC’s notice was published in the Federal Register on July 26, 2022 (87 Fed. Reg. 44288), and comments must be received by September 26, 2022.

On July 8, 2022, the California Privacy Protection Agency (Agency) announced the start of the formal rulemaking process to adopt proposed regulations implementing the California Privacy Rights Act (CPRA), which amends and expands the California Consumer Privacy Act (CCPA).

The CCPA entered into force on January 1, 2020; most of the CPRA’s provisions become effective

The Federal Trade Commission (FTC or Commission) has issued several new proposals or policy statements affecting advertisers recently, including resurrection of its Penalty Offense Authority and an Enforcement Policy Statement Regarding Negative Option Marketing (which we previously reported on here). The FTC is now seeking public feedback on a proposal to enhance and strengthen