Photo of Tracy Marshall

Tracy Marshall

Subscribe to Tracy Marshall's Posts

Tracy Marshall counsels international and domestic for-profit and non-profit clients on a range of privacy, data security, advertising, promotions, and intellectual property matters. She also advises on general corporate and transactional matters.

Tracy assists clients with compliance and advocates on their behalf. She is a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals (IAPP) and helps clients implement privacy, data security, and security breach response programs, develop internal and public-facing privacy policies to comply with applicable laws, respond to cyber and data security incidents, and manage relationships with service providers and third parties. Tracy advises on structuring and conducting email and text messaging campaigns, sweepstakes, contests, and other promotions, and she helps clients protect and enforce their intellectual property rights.

In addition, Tracy counsels clients on corporate matters and assists with structuring and negotiating a variety of transactions, including licensing, marketing, and outsourcing arrangements.

Tracy is frequently invited to speak at privacy, data security, telecommunications, and advertising conferences and is a contributor to Keller and Heckman’s Consumer Protection Connection blog and Beyond Telecom Law Blog.

To learn more about Tracy's practice areas, click here.
Follow:Read more about Tracy MarshallTracy's Linkedin Profile

A European Court of Justice (ECJ) advocate general, Yves Bot, has called for the European Union–U.S. Safe Harbor Agreement to be invalidated due to concerns over U.S. surveillance practices (press release here, opinion here). The ECJ has discretion to reject the recommendation, but such opinions are generally followed. A final decision on the

In a closely watched case where the Federal Trade Commission (FTC) pursued Wyndham Worldwide Corporation for several data breaches that led to millions of dollars in fraudulent charges on customers’ payment cards, the U.S. Court of Appeals for the Third Circuit on Monday agreed with the Commission’s broad interpretation of its “unfairness” authority (opinion here

Thirteen companies have agreed to settle with the Federal Trade Commission (FTC) charges relating to their participation in the U.S.–EU and U.S.–Swiss Safe Harbor Frameworks. Seven companies allegedly failed to renew their Safe Harbor self-certifications, including a sports marketing firm, two software developers, a research organization, a business information firm, a security consulting firm, and

As many marketers spend a large and growing share of the ad spend on social media, basic principles of truthful advertising must be kept in mind and applied in the new and varied media.  After all, the platforms may change, but the underlying requirements do not.  Thus, for responsible marketers, a robust social media policy

As we previously reported, the Federal Communications Commission (“FCC” or “Commission”) adopted a significant Declaratory Ruling and Order on June 18, 2015 to clarify aspects of the Telephone Consumer Protection Act (“TCPA”), namely, the use of “automatic telephone dialing systems” and/or artificial or prerecorded voice messages to send telemarketing and informational calls and texts

At its Open Meeting on June 18, 2015, the Federal Communications Commission (“FCC”) adopted a significant Declaratory Ruling and Order to clarify aspects of the Telephone Consumer Protection Act (“TCPA”), namely, the use of automatic dialing systems and/or artificial or prerecorded voice messages to send telemarketing and informational calls and texts to consumers (“robocalls”). The

A federal appellate court will consider early next month whether the Video Privacy Protection Act (VPPA) makes an “Android ID” – a device identifier used in Google’s smartphones –personally identifiable information (PII). The Eleventh Circuit has scheduled oral argument in the case, Ellis v. Cartoon Network, Inc., for June 3, 2015.

The plaintiff in

On April 23, 2015, the Federal Trade Commission (FTC) announced that retail tracking company Nomi Technologies has agreed to settle FTC charges that it misled consumers. The FTC alleged that the company, which develops technology to allow retailers to track consumers’ movements through their stores, misled consumers by failing to uphold promises to provide a

This week, the U.S. House of Representatives passed two cybersecurity information sharing bills that gained qualified support from the Obama Administration.  Together, the bills (the Protect Cyber Networks Act (PCNA) and the National Cybersecurity Protection Advancement Act (NCPAA)) would authorize companies to share cyber threat information and defensive measures with each other and the