Photo of Sadia Mirza

Sadia Mirza

Subscribe to Sadia Mirza's Posts

Sadia leads the firm’s Incidents + Investigations team, advising clients on all aspects of data security and privacy issues. She is the first point of contact when a security incident or data breach is suspected, and plays a central role in her clients’ cybersecurity strategies.

Follow:Read more about Sadia MirzaSadia's Linkedin Profile

On May 17, District of Colombia Attorney General Brian Schwalb announced the settlement of an investigation into Easy Healthcare Corporation, requiring the company to change its privacy practices involving the ovulation tracking app “Premom” to protect the sensitive reproductive data of consumers. Easy Health agreed to several remedial measures intended to prevent the disclosure of sensitive information to third parties and to pay a $100,000 penalty to the states involved with the investigation.

Published in Law360 on January 25, 2023. © Copyright 2023, Portfolio Media, Inc., publisher of Law360. Reprinted here with permission.

In recent months, there has been an explosion of artificial intelligence tools that have given even technophobes an opportunity to test AI’s power from the comfort of their favorite web browser.

From DALL-E’s ability to generate digital images from natural language prompts to ChatGPT’s ability to answer questions, write blog posts, essays, poetry or even song lyrics, today’s AI tools can be used by anyone who can open a web browser.

On April 18, the Ninth Circuit issued its opinion in hiQ Labs, Inc. v. LinkedIn Corporation[1] in which the court clarified its position on an important topic: whether the common practice of data “web scraping” can create criminal liability under the Computer Fraud and Abuse Act (CFAA). To be clear, the Ninth Circuit was

On February 25, the Utah Senate passed the Utah Consumer Privacy Act (the UCPA), which closely resembles both the Virginia Consumer Data Protection Act (the VCDPA) and the Colorado Privacy Act (the CPA). The House unanimously passed the bill on March 2. The bill now goes to Governor Spencer Cox, who has 20 days to

On January 28, California Attorney General Rob Bonta announced that his office was beginning an “investigative sweep” of businesses operating consumer loyalty programs in California. The California AG’s press release stated that letters were sent to “major corporations in the retail, home improvement, travel, and food service industries” and allege the recipients’ potential noncompliance with

We have long predicted that just as other states followed California in passing breach notification laws, states would follow in California’s footsteps in regulating information privacy practices with the California Consumer Privacy Act of 2018 (CCPA), which was later amended by the California Privacy Rights Act of 2020 (CPRA).[1] The Virginia state legislature recently

In Wengui v. Clark Hill, PLC, Judge Boasberg of the District Court for the District of Columbia, granted the plaintiff’s motion to compel the defendant to produce a report and additional materials associated with a cyberattack. In its ruling, the court emphasized that materials that would otherwise be created in the ordinary course of