As new cyber, privacy, and compliance reporting regulations become law, both public and private enforcers have tools and incentives to pursue data controllers for failures and delays in notification of privacy and security incidents. Understanding how different enforcers, such as state attorneys general, finance regulators, and private citizens represented by class action law firms, operate and the implications of their actions can help companies assess the potential risks of data management and identify gaps in their compliance efforts.

This TPCC discussion explores how organizations can address and resolve enforcement actions, and build resilient response programs through process transparency, timely reporting, and cooperative relationships with regulators.

Key takeaways:

  • Understanding your regulatory environment and reporting priorities
  • Causes of action in private enforcement
  • Total cost of class action lawsuits


  • Lauren Wallace, General Counsel & Chief Privacy Officer at RadarFirst
  • Aravind Swaminathan, Partner and Global Co-Chair Cybersecurity and Data Privacy at Orrick, Herrington & Sutcliffe LLP

Ready to take your risk reporting to the next level?

Download Guide

Schedule a Demo