Photo of Kristin Bryan

Kristin Bryan is a data privacy and cybersecurity litigator experienced in the resolution of complex disputes.

Kristin has deep expertise defending clients in federal class action and multidistrict litigations concerning allegations that their practices violated federal and state privacy laws. This includes in the context of data breach and incident response litigation. As a natural extension of her experience litigating data privacy disputes, Kristin also provides practical, business-oriented privacy advice to a wide range of clients and has represented them in government investigations regarding their privacy practices.

Kristin is CIPP/US certified and routinely publishes and speaks on cutting-edge developments in data privacy and cybersecurity litigation. Kristin is currently the co-chair of the International Association of Privacy Professional (IAPP)’s KnowledgeNet Chapter for Cleveland and on the IAPP’s Privacy Bar Advisory Board. She is a 2020-21 Vice Chair of the ABA TIPS Cybersecurity and Data Privacy Committee and managing editor of Squire Patton Boggs’ data privacy blog Consumer Privacy World.

Prior to joining the firm, Kristin worked at an international law firm in New York, specializing in Data Strategy & Security.

View full website bio.

The California Supreme Court recently issued a significant decision interpreting California’s Invasion of Privacy Act, which may lead to criminal and civil liabilities for intentionally recording phone calls without obtaining the appropriate level of consent.  [Note: for other litigations involving the statute, check out our prior coverage here and here].  This interpretation

Last month, a putative class action lawsuit was filed in federal court concerning a data breach resulting from the alleged improper disclosure of COVID-contact tracing data.  Read on to learn more, and how this case fits more broadly into a trend of data breaches involving the healthcare industry.  Chapman v. Commonwealth of Pennsylvania, et al.

In case you missed it, on Tuesday May 25 CPW hosted its first-ever virtual webinar jointly with Squire Patton Boggs’ Global Supply Chain blog  The webinar focused on the Colonial Pipeline hack and a putative class action that was filed in federal court in Georgia against the owners of the Colonial Pipeline.  Recall that

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

BIPA Litigation in Illinois Federal Court Paused Pending Significant Decisions in Other Cases Concerning Statute’s Application and Scope | Consumer Privacy World

A federal court recently paused a litigation brought under Illinois’s Biometric Information Privacy Act (“BIPA”), pending the outcome of several other cases which could be dispositive.  Herron v. Gold Standard Baking, Inc., 2021 U.S. Dist. LEXIS 69336 (N.D. Ill.).  Read on for a recap of issues on the horizon for this frequently litigated data

As CPW’s Alan Friel and Lydia de la Torre explain at CPW’s sister blog Security & Privacy Bytes, “[i]nformational privacy is a hot topic” and [d]ata is a valuable, but challenging asset.”  They caution that “[o]rganizations can only meaningfully protect, and effectively make the most of, their digital assets if they know what data they

In Law360 CPW’s Colin Jennings and Ericka Johnson discuss President Biden’s executive order on improving the nation’s cybersecurity.  As they explain, “[t]he order aims to make significant contributions to modernizing the federal government’s cybersecurity practices under an aggressive timeline. Broadly, the order directs several federal agencies and the heads of each federal civilian executive branch

In case you missed it, CPW’s Kristin Bryan and Ericka Johnson will be hosting CPW’s first webinar today from 12-1 pm EST on Colonial Pipeline.  For the attorneys in the crowd, 1 hour of CLE is available.  If you were wondering, yes it is free. Register here for this must-attend event.


Over the

Recently in Hunstein v. Preferred Collection and Management Services, Inc., the Eleventh Circuit issued a ground breaking decision concerning application Section 1692c(b) of the Fair Debt Collection Practices Act (“FDCPA”).  A recent case suggests this decision may have broader application beyond its specific facts.  Read on to learn more, as first covered by the

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

Announcing CPW’s First Virtual Webinar: The Colonial Pipeline Hack-Understanding Cyber-Attacks, Supply Chain Breaks and Data Breach Litigation Issues | Consumer Privacy World