Photo of Erin Jane Illman

Erin Illman is a dynamic problem solver with a strong understanding of U.S. and international private-sector privacy laws and regulations and the legal requirements for the transfer of sensitive personal data to/from the United States, the European Union and other jurisdictions. She regularly advises clients on CCPA, GLBA, HIPAA, COPPA, CAN-SPAM, FCRA, security breach notification laws, and other U.S. state and federal privacy and data security requirements, and global data protection laws. In addition to providing proactive privacy and information security compliance and legal advice, Erin manages privacy-related enforcement actions and litigation. Her practice includes representing companies in reactive incident response situations, including insider cybersecurity threats, electronic and physical theft of trade secrets, and investigation, analysis, and notification efforts with respect to security incidents and breaches.

A Fintech Leader’s Thoughts on the North Carolina Regulatory Sandbox Act

As part of Bradley’s continuing coverage of the North Carolina Sandbox Act, we wanted to know what community members and NC fintech aficionados thought about this proposed legislation. We posed six questions to Tariq Bokhari, an influential leader in the financial technology (fintech) industry, who serves as the executive director of the Carolina Fintech

Technology Boom in NC? What You Should Know About the Proposed Regulatory Sandbox in the Tarheel StateTechnology is evolving and advancing at a dizzying pace across the globe. Emerging technologies are reimagining everything from how we interact with each other to how we interact with businesses and institutions. Given the upward trajectory of technology, it seems that the “innovation” business is ripe for opportunity — an opportunity that appears poised to

Florida Legislature Considers Sweeping Data-Privacy Legislation Supported by GovernorFlorida has joined the wave of states considering new comprehensive data privacy legislation. On February 15, 2021, Rep. Fiona McFarland introduced HB 969, modeled after the California Consumer Privacy Act (CCPA). The bill is supported by Gov. Ron DeSantis and the speaker of the Florida House. As introduced, HB 969 would apply to for-profit businesses

Privacy Requirements under COVID-19 Emergency Rental Assistance ProgramMany relief programs have been implemented over the past year in response to COVID-19, and keeping up with the changing requirements for these programs can be daunting. A new twist in the requirements is the mandate for implementation of privacy requirements under the Emergency Rental Assistance Program. Here are some details about the Emergency Rental

Privacy Moves to the East Coast: Virginia Set to Enact Comprehensive Consumer Data Protection LawVirginia is primed to become the next U.S. state to pass comprehensive data-privacy legislation with striking similarities to the California Consumers Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and the E.U.’s General Data Protection Regulation (GDPR).

The legislation, known as the Consumer Data Protection Act, passed the Virginia House of Delegates on January

Why It Matters Whether Hashed Passwords Are Personal Information Under U.S. LawOn January 22, 2021, Bleeping Computer reported about yet another data dump by the hacker group Shiny Hunters, this time for a clothing retailer. Shiny Hunters is known for exfiltrating large databases of customer information, often through misconfigured or otherwise compromised database. These databases typically contain credential information for customers, as was the case

Massachusetts Voters Approve Measure for Expanded Access to Vehicle DataIn a roller coaster of an election week, it was easy for smaller ballot measures to become overshadowed. One ballot measure that you may have missed is Massachusetts’s Ballot Question 1 regarding the “right to repair” motor vehicles. The ballot measure expands access to a driver’s motor vehicle data. Vehicles are increasingly becoming more computerized

2020 Brings Times of Change: Key Privacy Law Updates This YearThe privacy law landscape is constantly changing, and it can feel like a daunting task for businesses to keep up with the laws of 50 states in the U.S. plus any international laws that also may be applicable. 2020 seems to be a banner year for change on many fronts. COVID-19 and the 2020 elections

Privacy at the Polls: Portland, Maine Votes to Ban Facial Recognition TechnologyWhile the nation waits for the results of the presidential race to be tallied, across the country local and statewide referendums on privacy issues have been decided. In Portland, Maine voters approved a ballot measure to ban the use of facial recognition technology by local police and city agencies. Portland joins other cities such as