Photo of Kristin Bryan

Kristin Bryan

Kristin Bryan is a data privacy and cybersecurity litigator experienced in the resolution of complex disputes.

Kristin has deep expertise defending clients in federal class action and multidistrict litigations concerning allegations that their practices violated federal and state privacy laws. This includes in the context of data breach and incident response litigation. As a natural extension of her experience litigating data privacy disputes, Kristin also provides practical, business-oriented privacy advice to a wide range of clients and has represented them in government investigations regarding their privacy practices.

Kristin is CIPP/US certified and routinely publishes and speaks on cutting-edge developments in data privacy and cybersecurity litigation. Kristin is currently the co-chair of the International Association of Privacy Professional (IAPP)’s KnowledgeNet Chapter for Cleveland and on the IAPP’s Privacy Bar Advisory Board. She is a 2020-21 Vice Chair of the ABA TIPS Cybersecurity and Data Privacy Committee and managing editor of Squire Patton Boggs’ data privacy blog Consumer Privacy World.

Prior to joining the firm, Kristin worked at an international law firm in New York, specializing in Data Strategy & Security.

View full website bio.

Contact: Read more about Kristin Bryan

Welcome to the 2022 Q3 edition of the Artificial Intelligence & Biometric Privacy Report, your go-to source for keeping you in the know on all recent major artificial intelligence (“AI”) and biometric privacy developments that have taken place over the course of the last three months. We invite you to share this resource with your colleagues and visit Squire Patton Boggs’ Data Privacy, Cybersecurity & Digital Assets and Privacy & Data Breach Litigation homepages for more information about our capabilities and team.

Also, we are extremely pleased to announce that our own Kristin Bryan was named as a 2022 Law360 Cybersecurity & Privacy MVP. As Law360 notes, “[t]he attorneys chosen as Law360’s 2022 MVPs have distinguished themselves from their peers by securing hard-earned successes in high-stakes litigation, complex global matters and record-breaking deals.” You can read more about Kristin’s Law360 award here: Law360 MVP Awards Go to 188 Attorneys From 78 Firms.

Continue Reading 2022 Q3 Artificial Intelligence & Biometric Privacy Report

Join our multidisciplinary team for the second webinar in our Advertising, Media and Brands Global Compliance Series.

Register using this link

Date: Thursday, December 1, 2022

Time: 5 p.m. GMT / noon ET / 9 a.m. PT

Our speakers will provide updates on the following topics:
Continue Reading Webinar Registration Open: Advertising, Media and Brands Global Compliance Series: Global Data, Technology and Tax

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Our Team Joined the Discussion on the Stage of the Global Data Protection Congress 2022 | Consumer Privacy World

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

WEBINAR Federal Privacy Legislation: Within Reach After a Decade of Debate. If So, What Next?

Federal Court Dismisses Biometric

CPW’s Kristin Bryan joins two of Squire Patton Boggs’ policy experts – Beth Goldstein and Jeffrey Turner – to discuss one of the most critical pieces of privacy legislation in years, the American Data Privacy and Protection Act (ADPPA), for Lexology’s Masterclass series. This game-changing privacy legislation not only has potential far-reaching impact, but

For almost four years now, attorneys have remained relentless in their quest to extend the outer boundaries of the Illinois Biometric Information Privacy Act (BIPA) as far as courts are willing to allow. During this period, many defendants have struggled with procuring dismissals of BIPA class claims.

One particular defense, however, has developed into an extremely robust tool for companies engaged in biometric privacy class suits: BIPA’s “financial institution” exemption. Contrary to what its name suggests, the benefits of this entity-level carve-out extend to a range of entities well beyond traditional banks and financial institutions. A recent BIPA opinion issued by a Northern District of Illinois court demonstrates the expansive scope of the exemption and provides several key takeaways for defendants to defend against—and outright defeat—BIPA claims at a time when biometric privacy class action exposure continues to grow.

Continue Reading Federal Court Dismisses Biometric Privacy Class Action Brought Against University, On Basis It Was a Regulated “Financial Institution”

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Recent BIPA Opinion Illustrates Continued Uncertainty Underlying Core Issues in Biometric Privacy Class Action Litigation | Consumer Privacy World

While the Illinois Biometric Information Privacy Act (BIPA) remains one of the hottest areas of class action litigation today, many core issues underlying BIPA disputes remain unsettled and uncertain at this time. And as the recent decision by the Northern District of Illinois in Kukovec v. Estee Lauder Co., Inc., No. 22 CV 1988, 2022 U.S. Dist. LEXIS 202212 (N.D. Ill. Nov. 7, 2022) shows, courts are often in disagreement on many of these key matters—underscoring the need for compliance with the statutory requirements of the Illinois biometrics law.  

Plaintiff Kukovec used a makeup try-on tool (“VTO Tool”) on the website of Too Faced Cosmetics, owned by Estee Lauder. The plaintiff claimed that the VTO Tool collected her facial geometry in violation of Sections 15(a) and (b) of BIPA. Estee Lauder subsequently moved to dismiss the complaint based on (among other things) the existence of an agreement to arbitrate and failure to plead a cognizable claim.

Continue Reading Recent BIPA Opinion Illustrates Continued Uncertainty Underlying Core Issues in Biometric Privacy Class Action Litigation

We have been covering the hiQ-LinkedIn data-scraping saga for several years now on CPW. (See previous posts here, here, here, and here).

After well-publicized litigation that made its way to the Supreme Court and back again, the United States District Court for the Northern District of California ruled[1] that the provisions of a website user agreement that prohibit anti-scraping and fake profiles are enforceable in a breach of contract claim. Businesses should take note and ensure that their own conduct enforces their terms and conditions in order to prevent violators from successfully claiming affirmative defenses. If a business knows of a violation, and wants to have enforceable terms, it should pursue remedying that violation.

Continue Reading Federal Court Rules in Favor of LinkedIn’s Breach of Contract Claim after Six Years of CFAA Data Scraping Litigation

CPW’s Kristin BryanScott Warren, and James Brennan will be key speakers at the Global Legal ConfEx on “GRC, Data Privacy & Cyber Security” on Thursday, November 17, 2022, in San Francisco.  

Continue Reading CPW’s Kristin Bryan, Scott Warren, and James Brennan to Speak at Conference on Data Privacy, Cybersecurity, and Governance, Risk & Compliance