Photo of Kristin Bryan

Kristin Bryan is a data privacy and cybersecurity litigator experienced in the resolution of complex disputes.

Kristin has deep expertise defending clients in federal class action and multidistrict litigations concerning allegations that their practices violated federal and state privacy laws. This includes in the context of data breach and incident response litigation. As a natural extension of her experience litigating data privacy disputes, Kristin also provides practical, business-oriented privacy advice to a wide range of clients and has represented them in government investigations regarding their privacy practices.

Kristin is CIPP/US certified and routinely publishes and speaks on cutting-edge developments in data privacy and cybersecurity litigation. Kristin is currently the co-chair of the International Association of Privacy Professional (IAPP)’s KnowledgeNet Chapter for Cleveland and on the IAPP’s Privacy Bar Advisory Board. She is a 2020-21 Vice Chair of the ABA TIPS Cybersecurity and Data Privacy Committee and managing editor of Squire Patton Boggs’ data privacy blog Consumer Privacy World.

Prior to joining the firm, Kristin worked at an international law firm in New York, specializing in Data Strategy & Security.

View full website bio.

A federal court the end of last week dismissed a litigation challenging the U.S. Postal Service’s (“USPS”) use of facial recognition and related technologies to collect personal data, finding that the group which filed the claims lacked standing.  Electronic Privacy Information Center v. United States Postal Service et al., Case No. 1:21-cv-02156 (D.D.C.).  As

In Bradenberg v. Meridian Senior Living, LLC, No. 20-cv-03198 (C.D. Ill. Sept. 30, 2021), another BIPA complaint this year proceeded past the complaint stage, as the Court found that Plaintiff’s allegations were sufficient to state a claim.  While open ended questions remain regarding the statute’s scope and damages provisions (some of which may

In re Mednax Services, MDL No. 2994, is an MDL (multidistrict litigation) pending in the Southern District of Florida, currently in its early stages.  2021 U.S. Dist. LEXIS 195342, *8-9 (S.D. Fla. Oct. 9, 2021).  In a striking move late last week, a federal court ordered a stay of the proceedings pending resolution of

CPW has been covering recent data privacy developments in China and this month CPW’s Scott Warren and Lindsay Zhu provided their insights to Bloomberg Law on this topic.  As covered at Bloomberg, “China’s new Personal Information Protection Law imposes additional requirements for multinational companies in the region, adding legal and regulatory challenges for businesses already

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

Federal Court Gives Preliminary Approval of $92 Million TikTok MDL Settlement Over Objections – Consumer Privacy World

California Privacy Agency Announces Appointment

Uk media outlet ITPro has published an in-depth analysis of a rise in cyberattacks targeting the energy sector and CPW’s Kristin Bryan provided her insights for the article.  This trend spans both the US and Europe, as earlier in the year CPW covered the Colonial Pipeline (and resulting data event litigation)  where a ransomware attack

As reported in Law360, Ashkan Soltani “[a] prominent security researcher and former chief technologist at the Federal Trade Commission has been selected to lead the day-to-day operations at California’s new privacy protection agency, which will be the first authority in the U.S. to focus solely on policing how companies handle consumers’ personal data.” CPW’s

As Rosa BarceloMatus HubaLucia Hartnett and Bethany Simmonds discuss in greater detail here, “[t]he European Data Protection Board (“EDPB”), a body with members from all EEA supervisory authorities (and the European Data Protection Supervisor), has recently established a taskforce to coordinate the response to complaints concerning compliance of cookie banners

On Friday, October 15 readers of CPW are invited to join CPW’s Alan Friel from Squire Patton Boggs and Ankura experts David Manek and Colleen Yushchak as they discuss key themes from California attorney general’s examples of CCPA non-compliance.  Please join for their insights, which will include essential CCPA compliance tools at TrustWeek OneTrust User

Last week a federal court in Illinois granted preliminary approval to a $92 million settlement reached in the TikTok multidistrict litigation (“MDL”), over objections that had been raised in March concerning the basis and terms of settlement.  Read on to learn more.

As readers of CPW already know, last year the Panel on Multidistrict