When I started practicing in the privacy and data security space years ago, my colleagues and I talked shop about the EU Data Protection Directive, sectoral laws like HIPAA and GLBA, and the early wave of data breach laws. As time passed, our conversations shifted to the Federal Trade Commission, Wyndham Hotels, poor LabMD, and the dawning realization that what was in a company’s privacy policy needed to be — well — accurate. Even then, we saw plenty of off-the-shelf privacy policies and related representations that tried, but did not line up with reality. And often, privacy lawyers were the lonely nerds in the room telling folks that maybe, just maybe, that document needed a bit more detail.
Fast forward to today: between the FTC’s steady stream of enforcement actions and the broader wave of privacy-related litigation and regulations, privacy lawyers know that what you say in a privacy policy — or should have said but didn’t — can come back to haunt you. (See this, for example.) At the IAPP global conference in March, we heard this repeatedly. As one speaker put it, if you say what you do and do what you say, you’re 80% of the way there. So, my big, not-so-earth-shattering takeaway from the IAPP this year is that accuracy matters, and digging into the details matters even more. We are no longer operating in the era of grace periods.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Privacy and Data Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngPrivacy and Data Security2026-05-01 11:08:332026-05-01 11:28:10Everything I Needed to Know about Privacy I Learned in Kindergarten?
Is it just me, or is there nothing better than a story about a team of distinct personalities who come together — each with unique skills — and form an unstoppable force? You know the type: the awkward teens who start a metal group and win the citywide battle of the bands, or the underdogs who topple the smug reigning sports champions who haven’t lost in a decade. There’s truth in the saying: the whole is greater than the sum of its parts.
Our section is living proof. Since August, we’ve seen some real superpowers at work. Read on for some highlights.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Privacy and Data Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngPrivacy and Data Security2025-12-11 11:14:522025-12-12 14:34:18The Chair’s Column: My Heroes Are Privacy Attorneys
Artificial intelligence is transforming not only how organizations operate, but how they’re attacked. In this latest “What’s Blowing Your Mind” video, Alex Pearce, a partner in Wyrick Robbins’ Privacy and Data Security group, discusses emerging AI-driven threats — from data leakage and model poisoning to next-generation phishing — and why traditional incident response plans must evolve to meet them.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Privacy and Data Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngPrivacy and Data Security2025-11-11 16:25:572025-11-11 16:36:05What's Blowing Your Mind: AI-driven Threats
What’s Blowing Your Mind (WBYM) right now in privacy, data security, or AI?
We asked ourselves—and our colleagues in the field—the same question. The result? Kicking off the NCBA PDS Section’s “What’s Blowing Your Mind” series, which is meant to spark conversation around the thorny, timely, and occasionally mind-bending challenges facing practitioners today, from North Carolina to beyond.
We hope these clips ignite ideas, stir debate, and maybe even shift your perspective. First up: our Chair, Karin McGinnis, kicks things off with a July recording on the CPPA’s proposed regulations around automated decision-making. Read more
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngSecurity2025-09-25 14:49:092025-09-25 15:48:00Announcing the “What’s Blowing Your Mind?” Series — Watch it on the Blog
Earlier this year, the NCBarBlog spotlighted Opt-Inspire, and North Carolina became the first state to grant pro bono credit to attorney volunteers delivering our digital safety sessions. Since then, our presentations have been approved by the IAPP (formerly known as International Association of Privacy Professionals) for Continuing Privacy Education (CPE) credit (3.0 CPEs for a volunteer’s first presentation; 1.0 thereafter for CIPP/A, CIPP/C, CIPP/CN, CIPP/E, CIPP/US, CIPM, CIPT).
On October 1, 2025, in honor of Cybersecurity Awareness Month, we’re launching #1MSecureTogether along with a student-run nonprofit focused on enhancing digital literacy for older adults, Tech Me Kid. #1MSecureTogether is a nationwide push to equip one million people in one year with practical digital safety skills (by October 1, 2026).
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Privacy and Data Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngPrivacy and Data Security2025-08-18 16:51:372025-08-18 16:54:52North Carolina Helped Us Start a Movement, and Now We’re Aiming for 1 Million Safer
Two recent personal events had me thinking lately about the tension between innovation and individual rights, and the risk decisions we make to find a happy medium. The first event was the purchase of a car, necessitated by someone rear-ending my 2004 Honda. Being from Cleveland, it is logical to me to drive a vehicle into the ground, and I was perfectly happy with my ride. (So were the mice in our garage, but that is another story. I will say, however, that Irish Spring soap does work.) Although my kids derided me about the low tech, I didn’t realize what I was missing until I started driving the new car – a previously owned 2019 model with a more fulsome tech package. I had a fleeting thought about vetting the apps before connecting my personal devices, but with the promise of life-changing results, I forged ahead and am happily enjoying the benefits. An easy risk decision. The second event was our power going out as a result of a recent storm. Our power did not just go out for a few hours like our neighbors. Instead, when the electric company fixed the problem, the power surge killed our aging breakers, and we were without power – for over . . . twenty . . . four . . . hours. (Ellipses for dramatic effect. It actually wasn’t so bad.) I learned, however, that a high-end smart breaker panel may have given us some warning, and at the very least saved me from a bad hair day. But smart devices mean sharing information. And again, there’s that tension.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Privacy and Data Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngPrivacy and Data Security2025-07-29 14:02:582025-08-18 09:48:45The Chair's Column, July 2025
Can you imagine a time when the internet was foreign, unknown, and unexplored by the common lawyer? For many lawyers, the early 1990s was such a time. The release of the Mosaic web browser on January 23, 1993, introduced the internet to the general public and popularized the World Wide Web. Mosaic’s features made the web more visually appealing and accessible. Mosaic’s graphical user interface allowed users to visually navigate the web using icons, buttons and menus, rather than text-based commands. Images were integrated with their accompanying text, not shown in a separate window. Clickable hyperlinks allowed navigation between web pages. The intuitive interface and easy installation process appealed to a broader audience, including those who were not technically inclined, and earned Mosaic the title of “user friendly.” Mosaic influenced further developments such as web browsers (e.g., Netscape Navigator in 1994 and Internet Explorer in 1995), e-commerce (e.g., Amazon founded in 1994 and eBay founded in 1995), online communities (e.g., GeoCities founded in 1994), and search engines (e.g., Yahoo! Search in 1994).
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Privacy and Data Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngPrivacy and Data Security2025-01-21 12:03:542025-01-21 12:20:33From Dial-Up to Deep Learning: Looking Back and Looking Forward
The North Carolina Bar Association is proud to launch the “Opt-Inspire Initiative,” a new pro bono program that empowers seniors with critical digital literacy skills to safeguard themselves from scams and bridge the generational digital divide. Designed by Alexandria (Lexi) Lutz, Senior Corporate Counsel at Nordstrom, where she focuses on privacy, cybersecurity, and artificial intelligence, this initiative addresses the dual challenges of preventing scams and fostering digital connection among seniors.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Privacy and Data Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngPrivacy and Data Security2025-01-06 11:49:482025-01-06 11:49:48Empowering Seniors Through the Opt-Inspire Initiative
Viewing Locations: Raleigh, NC, Charlotte, NC, or Virtual Zoom
The NCBA Privacy & Data Security Section proudly presents an exclusive Fireside Chat featuring the esteemed Irene Liu, Founder of Hypergrowth GC and Executive in Residence at the UC Berkeley School of Law. Irene brings a wealth of knowledge and experience in artificial intelligence and privacy law.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Privacy and Data Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngPrivacy and Data Security2024-11-12 09:09:102024-11-12 09:18:05Join Us for an Exclusive NCBA Privacy & Data Security Section Fireside Chat on Navigating AI With Irene Liu, AI Advisor
Have you asked yourself how you could better balance the workload among your team members? Enhance your team’s collaborative environment? Nurture your team members and utilize their skills to best meet the client’s objectives? And, speaking of IoT, what are ways that teams work together to ensure compliance with global IoT legal requirements?
Please register soon and join us for the Fireside Chatwith Rob Keller, Senior Director and Associate General Counsel with Cisco, on October 8, 2024, at 3 p.m. Eastern Standard Time, to hear about these issues. Even if you don’t practice in the IoT arena, you are sure to gather insights into teams that you can carry into your own practice. Our own NCBA Privacy & Data Security Section’s Shannon Ralich will host Monday’s Fireside Chat, bringing her experience as Head of Global Privacy & AI at JFrog to the discussion in what promises to be a great event.
The Privacy & Data Security Executive Council looks forward to your attendance! We hope you can come!
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngSecurity2024-10-02 09:31:292024-10-02 10:17:01Upcoming Fireside Chat and Message From the PDS Communications Chair
By 
By 
By