Photo of Kristin Bryan

Kristin Bryan is a data privacy and cybersecurity litigator experienced in the resolution of complex disputes.

Kristin has deep expertise defending clients in federal class action and multidistrict litigations concerning allegations that their practices violated federal and state privacy laws. This includes in the context of data breach and incident response litigation. As a natural extension of her experience litigating data privacy disputes, Kristin also provides practical, business-oriented privacy advice to a wide range of clients and has represented them in government investigations regarding their privacy practices.

Kristin is CIPP/US certified and routinely publishes and speaks on cutting-edge developments in data privacy and cybersecurity litigation. Kristin is currently the co-chair of the International Association of Privacy Professional (IAPP)’s KnowledgeNet Chapter for Cleveland and on the IAPP’s Privacy Bar Advisory Board. She is a 2020-21 Vice Chair of the ABA TIPS Cybersecurity and Data Privacy Committee and managing editor of Squire Patton Boggs’ data privacy blog Consumer Privacy World.

Prior to joining the firm, Kristin worked at an international law firm in New York, specializing in Data Strategy & Security.

View full website bio.

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

Data Breach Probes, Suits Will Test T-Mobile’s Cyber Coverage-CPW’s Ericka Johnson Talks to Law360 – Consumer Privacy World

Ninth Circuit Limits “Public

CPW has been covering the T-Mobile data event litigations and Law360 is now reporting that “T-Mobile’s cyberinsurance coverage could be stretched by a recent data breach that has already spawned two government investigations and a slew of lawsuits by affected customers.”  CPW’s Ericka Johnson provided her insights to Law360 on this issue, and also touched

Earlier this month the Ninth Circuit Court of Appeals reversed a district court order denying Comcast Cable Communications, LLC’s (“Comcast”) motion to compel arbitration under the Federal Arbitration Act (“FAA”) claims brought against it by a former cable subscriber.  The Plaintiff had brought a putative class action challenging Comcast’s privacy and data-collection practices for subscribers

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

In Case You Missed It: CPW’s Alan Friel, Kyle Fath and Kristin Bryan Present An Update on US Privacy Laws and Litigation

In case you missed their presentation this week to the Association of Corporate Counsel, the webinar given by CPW’s Alan Friel, Kyle Fath and Kristin Bryan was recorded and is now available here.  In it they cover an update on new US privacy laws, including for California, Colorado and Virginia (among others), as well

As Ann LaFrance, Alan Friel, Elliot Golding, Kyle Fath, Glenn Brown, Kyle Dull, Niloufar Massachi, Amber Mulcare, and Gicel Tomimbang explain in a comprehensive expert analysis, recent changes in US consumer privacy laws that will require most US businesses to make material changes to their privacy compliance and information governance programs by January 1,

Since this summer CPW has declared session replay software litigation predicated on violation of state wiretap statutes as dead in the water.  Judges apparently agree.  Earlier this month yet another court kicked to the curb a session replay software dispute that asserted violations of Florida’s wiretap law, the Florida Security of Communications Act (“FSCA”). 

Early in the summer, owners of the Colonial Pipeline were hit with a putative class action that was filed in federal court in Georgia.  Dickerson v. CDCP Colonial Partners, L.P., Case No. 1:21-cv-02098 (N.D. Ga.).  As a short recap, a ransomware attack carried out by cybercriminals crippled the Colonial Pipeline’s functionality.  The Pipeline

Currently pending before the Seventh Circuit Court of Appeals is the important question of when a claim under the Illinois Biometric Information Privacy Act (“BIPA”) accruesCothron v. White Castle, No. 20-3202 (7th Cir.)  In another litigation CPW previously identified, a panel for the Illinois Court of Appeals recently addressed whether BIPA

Last month, T-Mobile disclosed that it had been targeted in a cyberattack that resulted in the compromise of some current, former and prospective customers’ SSN, name, address, date of birth and driver’s license/ID information.  According to T-Mobile, “the breach did not expose any customer financial information, credit card information, debit or other payment information.”  However,