Molly Arranz: Cybersecurity and Data Privacy Legal Advocate for Businesses: Amundsen Davis

Overview

For Molly Arranz, being a lawyer is about being an advocate. Growing up, she witnessed legal challenges her father faced while he ran his own, small business—issues that resulted from his not finding necessary legal assistance for his company’s needs. Her decision to go to law school stemmed from her desire to address this gap and provide legal support for businesses like the one her father owned.

Molly is the chair of Amundsen Davis’s Cybersecurity & Data Privacy Service Group. She is a certified privacy professional (CIPP-US) and a recognized Privacy Law Specialist by the American Bar Association. After a decade and a half of defending companies in consumer privacy class actions and against a backdrop of emerging data privacy laws, Molly advises companies in all industries on compliance with a patchwork of privacy laws and regulations, including: consumer protection regulations; tracking technology disclosures; consumers’ and employees’ rights to access, limit, correct and delete their data; and state and federally mandated notification, disclosure and consent requirements. She also advises a range of companies on their incident response protocol and has served as a breach coach for companies small and large, including multinational and international companies. She counseled a global telecommunications software and cloud computing company on compliance issues for its cloud services. She reviews and advises on data protection addendums and agreements.

Molly is a partner in the firm’s Class Action Service Group. She has defended more than 100 class actions involving a range of legal theories, including privacy violations, consumer fraud, breach of contract, breach of warranty, breach of confidentiality and misrepresentation. She defends clients in claims arising from the Federal Wiretap Act, the Illinois Biometric Information Privacy Act (BIPA), the Computer Fraud and Abuse Act (CFAA), the Fair Credit Reporting Act (FCRA), the Fair Labor Standards Act (FLSA), the Telephone Consumer Protection Act (TCPA), the Chicago Residential Landlord and Tenant Ordinance (RLTO), CERCLA, the Clean Water Act, and RCRA. She represents a wide variety of companies from small family-owned businesses to Fortune 500 companies.

In her career, Molly has also defended more than 75 mass tort cases involving claims arising from allegations of exposure to asbestos, silica and benzene.

Experience

Membership & Involvement

Amundsen Davis Executive Committee
Member: International Association of Privacy Professionals; American Bar Association; Wisconsin Bar Association
Former Co-Chair: Amundsen Davis Committee for Diversity and Inclusion

Court Admissions: Illinois; Wisconsin; U.S. Court of Appeals Seventh Circuit; U.S. Court of Appeals Eleventh Circuit; U.S. District Court, Central District of Illinois; U.S. District Court, Northern District of Illinois; U.S. District Court, Northern District of Indiana; U.S. District Court, Eastern District of Michigan; U.S. District Court, Western District of Michigan; and, U.S. District Court, Eastern District of Wisconsin.

Pro Hac Vice Admissions: Florida; Indiana; Arizona; District of Columbia; U.S. District Court, District of Connecticut; U.S. District Court, Southern District of Florida; U.S. District Court, Eastern District of Missouri; U.S. District Court, Middle District of North Carolina; and, U.S. District Court, Eastern District of Pennsylvania.

Honors

Selected to the Illinois Super Lawyers list: 2021, 2022
Selected to the Illinois Super Lawyers "Rising Stars" list: 2011, 2013
Selected to The Best Lawyers in America^®in Mass Tort Litigation / Class Actions - Defendants: 2023
2024 Burton Award Recipient: Distinguished Legal Writing

Resources & Insights

In the Media

Law.com Quotes Molly Arranz on Class Action Against The New York Times
Media Mention, September 12, 2024
CyberSecurity Misconceptions -- ITSPMagazine Interviews Molly Arranz
Media Mention, June 8, 2020
Law Firms Weigh in on Privacy Rules for Biometrics for Online Work and School - BiometricUpdate.com Quotes Molly Arranz
Media Mention, April 28, 2020
Molly Arranz Quoted in the Cook County Record on Facebook Settlement of Biometric Class Actions
Media Mention, February 5, 2020
How Criminal Organizations Have Refined Their Techniques -- Molly Arranz Quoted by CNBC
Media Mention, June 26, 2019
Cirque Du Soleil Wins TCPA Decert, After China Agritech – Law 360 Article Mentions Eric Samore, Molly Arranz, Ronald Balfour and Albert Bower
Media Mention, August 3, 2018
Molly Arranz Quoted in Chicago Lawyer Article, “Cyber Insurance: Are Insurers’ New Digital-Attack Policies Worth the Hype?”
Media Mention, June 4, 2018
Citing Spokeo, Judge Blocks TCPA Class Against Pet Insurer - Law360 Mentions Eric Samore, Molly Arranz, John Ochoa
Media Mention, August 17, 2017
Cirque US Arm Wants Out Of TCPA Junk Fax Complaint - Law360 Article Mentions Eric Samore and Molly Arranz
Media Mention, November 2, 2016
Cirque Wants Stay, Group Wants Cert. In Junk Fax Fight - Law360 article mentions Eric Samore and Molly Arranz
Media Mention, December 17, 2015

Alerts

One Reason Why You May Want to Revisit Your Outreach To Customers, Clients and Contacts
Article, Amundsen Davis Cybersecurity & Data Privacy Alert, July 24, 2024
BIPA Reform on the Horizon: Illinois Legislature Passes Significant Legislation Eliminating Per-Scan Damages
Article, Amundsen Davis Cybersecurity & Data Privacy Alert, May 17, 2024
Don’t Gamble With Your Cybersecurity and Incident Response Plan: Lessons Learned from the Las Vegas Ransomware Attacks
Article, Amundsen Davis Cybersecurity & Data Privacy Alert, September 21, 2023
BIPA’s Discretionary Damages in Practice: BNSF Gets Its Shot to Reduce a Historic $228 Million Judgment
Article, Amundsen Davis Cybersecurity & Data Privacy Alert, July 11, 2023
Best Business Practices to Prevent or Reduce the Risk of Wire Transfer Fraud
Article, Amundsen Davis Cybersecurity & Data Privacy Alert, June 14, 2023
Another Data Collection Tool Leads to Privacy Class Actions
Article, Amundsen Davis Cybersecurity & Data Privacy Alert, March 9, 2023
Employers’ Rights Under the Computer Fraud and Abuse Act (CFAA) Narrowed after Supreme Court Decision in Van Buren
Amundsen Davis Data Privacy & Security and Labor & Employment Alert, November 8, 2021
Ready or Not: New Wisconsin Cybersecurity Law—Act 73—Imposes Cybersecurity Requirements on Insurance Providers
Article, Amundsen Davis Data Privacy & Security Alert, July 16, 2021
Data Collection Class Actions on the Rise: Consider Your Privacy Compliance
Amundsen Davis Data Privacy & Security Alert, February 24, 2021
BIPA: The Ongoing Threat of Employee Class Actions and Recent Developments
Amundsen Davis Data Privacy & Security Alert, October 9, 2020
A Data Protection Checklist for Education Vendors Navigating the “New Normal” of Remote Learning
Amundsen Davis Data Privacy & Security Alert, September 28, 2020
A National Biometric Privacy Law? Laws Protecting “Biometric” Identifiers Continue to Cut a Blazing Trail
Amundsen Davis Data Privacy & Security Alert, August 19, 2020
Emails Seemingly Sent from the Small Business Administration Regarding COVID-19 Loan Relief Could Be Phishing Emails: Exercise Caution!
Amundsen Davis Data Privacy & Security Alert, August 14, 2020
Top 5 Data Privacy Considerations when Managing a Workforce Working at Home
Amundsen Davis Data Privacy & Security Alert, April 16, 2020
Biometric Data in the Days of Virtual Interaction and E-Learning
Amundsen Davis Data Privacy & Security Alert, April 7, 2020
Messaging about Deals, Sales or Curbside Pickup? What to Consider Before Texting Customers
Amundsen Davis Data Privacy & Security Alert, March 30, 2020
Cybersecurity in the Home Office: How to Stay Vigilant During COVID-19
Amundsen Davis Data Privacy & Security Alert, March 26, 2020
The California Consumer Privacy Act: A Landmark Law Heralding the Future of Consumer Privacy?
Amundsen Davis Data Privacy & Security Alert, October 24, 2019
Insurance Companies Take Note: Another Compliance Concern For Your Cybersecurity “To Do” List
Amundsen Davis Data Privacy & Security Alert, April 26, 2019
Ransomware Attack of Fleet Vehicles? Yes, It Could Happen to You
Amundsen Davis Alert, August 3, 2018
U.S. Companies with Global-Reach Take Note: GDPR is on the Fast-Approaching Horizon
Amundsen Davis Data Privacy & Security Alert, May 21, 2018
Spokeo: Now Part of Your Daily Dose of Data Breach Litigation
Amundsen Davis Data Secrity & Breach Alert, October 21, 2016
Concrete or Not So Concrete: That is the Question
Amundsen Davis Class Action Alert, May 18, 2016
Holster That Offer: Supreme Court Denies Company's Attempt to Pick-off Lead Plaintiff in a Class Action
Amundsen Davis Class Action Alert, March 7, 2016

Speaking Engagements

Two of the Biggest Threats to Your Company’s Cybersecurity: The Cyber Hygiene Practices of Your Third-Party Service Providers and Your Employees
Event, Amundsen Davis, Webcast, October 22, 2024
Amundsen Davis's Ninth Annual Labor & Employment Fall Seminar
Event, Livestream, September 13, 2023
How Not to Get Fired as a General Counsel
Speaking Engagement, The Osthoff Resort; Elkhart Lake, WI, May 18, 2023
Navigating Patient Privacy Against the Backdrop of Court Rulings, New Privacy Laws, and a Sophisticated Threat Landscape
Speaking Engagement, Hilton Chicago; Chicago, IL, November 18, 2022
Corporate Governance: From Nuts and Bolts to Trending Topics
Speaking Engagement, Illinois Chamber of Commerce, Webcast, September 21, 2022
Ransomware and Other Cyber-Related Issues
USLAW Network General Counsel and Outside Counsel Forum; Phoenix, AZ, May 2022
Cyber Threat Actors Have their Eyes on the Construction Industry
Event, Amundsen Davis, Webcast, November 16, 2021
Cyber Security
Wisconsin Association of Mutual Insurance Companies, Leadership Retreat; Lake Geneva, WI, October 20, 2021
Weathering the Cyber Attack or Data Incident as a Business
2021 ATA Litigation Center Trucking Legal Forum, Seminar; Washington, DC, July 28, 2021
Short Course: Cybersecurity Legal Considerations for the Insurance Sector
Wisconsin Association of Mutual Insurance Companies (WAMIC); Stevens Point, Wisconsin, July 13, 2021
Your Employee Asked to Work Remotely Indefinitely (or Short Term): Important Legal Considerations Before You Say Yes
Event, Amundsen Davis, Webcast, June 23, 2021
Attention All In-House Lawyers and GCs: Missteps Before Or After A Data Incident Could Land You In Professional Hot Water
Event, Amundsen Davis, Webcast, June 2, 2021
BIPA: The Ongoing Threat of Employee Class Actions and Recent Developments
Illinois Manufacturers’ Association, Webcast, November 5, 2020
BIPA: The Ongoing Threat of Employee Class Actions and Recent Developments
Event, Amundsen Davis, Webcast, October 29, 2020
USLAW Network Virtual Worldwide Retreat: 2021 and Beyond
USLAW Network, Webcast, September 30, 2020 - October 9, 2020
Data Privacy: Obligations Under the Law and in Practice
2020 American Trucking Association Litigation Center Trucking Legal Forum, Webcast, July 23, 2020
Pandemic Cybersecurity Related Issues and the New Normal
USLAW Network, Inc, Webcast, June 2, 2020
CLE: Breaches and Biometrics – Current Trends in Data Privacy Enforcement and Litigation
Illinois College of Law and the Law Alumni Board, Seminar; Chicago, IL, February 20, 2020
Webinar: The California Consumer Privacy Act
National Automatic Merchandising Association; Webinar, December 4, 2019
Managing Data Security and Privacy Risks
USLAW Network In-House Counsel Forum, Seminar; Minneapolis, MN, October 30, 2019
The State of Cyber Breach Litigation: Murky Water that Continues to Swell
2019 IBA Security Conference; Carmel, IN 46032, October 2, 2019
Cybersecurity Basics for Under-Resourced Organizations
CyberSecure My Business Workshop, Seminar; Madison, WI, September 24, 2019
Wisconsin Governor’s Cybersecurity Summit: Small Enterprise Cybersecurity Workshop
National Cybersecurity Alliance; Madison, Wisconsin, September 24, 2019
Celebrate PRIDE With Amundsen Davis
Chicago, IL, June 27, 2019
CyberSecure My Business Workshop
National Cyber Security Alliance; Chicago, IL, May 9, 2019
Electronic Data Storage: How to Protect your Employees’ Privacy
EBANI Meeting, February 27, 2019
Data Privacy, Immigration, Harassment, Problem Employees - Employer Headaches in 2018 and Beyond
Event, Amundsen Davis, Seminar; Lombard, IL, September 26, 2018
Trying to Put a Finger on Data Privacy Issues: Biometrics -- A Headache for Illinois Companies
Illinois Chamber of Commerce; Webinar, April 12, 2018
What is Your Legal Exposure When Using Third-Party Cloud Providers
3rd Annual Financial Services Cybersecurity Conference, Indiana Infragard Members Alliance; Carmel, IN, March 22, 2018
Celebrate PRIDE With Amundsen Davis
Brando's Speakeasy, June 21, 2017
Cybersecurity: Stopping Scammers in Their Tracks!
Better Business Bureau; Chicago, IL, May 2, 2017
Protecting Data and Your Company: Cybersecurity Update
Illinois Chamber of Commerce; Webinar, March 2, 2017
The State of Cyber Breach Litigation
2016 USLAW Network Data Privacy Security Book Camp, Dallas, TX, November 2016
The Inevitable Class Action: Preparing for, Defending and Recovering from Potential, Company Calamity
Association of Corporate Counsel, Chicago, IL, November 2, 2016
Protecting Your Data - Challenges & Best Practices
Illinois Chamber of Commerce, Webinar, July 13, 2016
Celebrate PRIDE With Amundsen Davis
June 23, 2016
Amundsen Davis Hosts Third Annual Black History Month Event
Park Hyatt, Chicago, IL, February 18, 2016

Published Works

Put Down Your Phone and Watch Those Texts: New Regulations Impacting Your Outreach to Customers, Clients and Contacts
Publication, USLAW Magazine, Summer 2024
"Pixels" and "Cookies," Charming Terms for Tracking Technology, Can Lead to Ugly Data Privacy Headaches
Publication, USLAW Magazine, Summer 2023
Top 5 Cyber Security Threats the Manufacturing Industry Should Watch in 2022
The Illinois Manufacturer, February 2, 2022
A Fast-Moving Train Coming Into the Insurance Company Station? The Cybersecurity Model Rule for Carriers
USLAW Magazine, July 25, 2019
Electronic Logging Devices (“ELD”): Yet Another Avenue for a Cyber Attack?
The Transportation Lawyer, April 2019
Trying to Put a Finger on the New Frontier of Privacy Compliance: Biometric Data
Indiana Bankers Association, December 8, 2017
No Harm, No Foul…No Case
USLAW Magazine, Fall 2016

Blog Posts

BIPA Reform on the Horizon: Illinois Legislature Passes Significant Legislation Eliminating Per-Scan Damages
Labor & Employment Law Update, May 17, 2024
It’s Now Official --- A Union Worker’s BIPA Claims are Subject to Federal Labor Law Preemption
Labor & Employment Law Update, March 27, 2023
The Hits Keep Coming: Illinois Supreme Court Finds Claims Accrue Upon Each Scan or Transmission Under BIPA
Labor & Employment Law Update, February 17, 2023
Illinois Supreme Court Confirms a 5-Year Statute of Limitations Applies to All BIPA Claims
Labor & Employment Law Update, February 2, 2023
The California Privacy Rights Act Brings New Data Requirements for Employers in 2023
Labor & Employment Law Update, December 7, 2022
BIPA Strikes Again: $228 Million Verdict Awarded in First BIPA Jury Trial
Labor & Employment Law Update, October 18, 2022
Top Five Data Privacy Considerations Before Using Online Hiring Platforms
Labor & Employment Law Update, June 9, 2022
BIPA’s Statute of Limitation and Claims Accrual – Two Anticipated Decisions in State and Federal Courts
Labor & Employment Law Update, May 4, 2021
7th Circuit Allows USERRA Class Action to Proceed
Labor & Employment Law Update, March 11, 2021
IL Supreme Court to Consider Impact of Workers’ Compensation Exclusive Remedy Rule on BIPA Claims
Labor & Employment Law Update, January 29, 2021
BIPA: The Ongoing Threat of Employee Class Actions and Recent Developments
Labor & Employment Law Update, October 9, 2020
Biometric Data in the Days of Virtual Interaction and E-Learning
Labor & Employment Law Update, April 7, 2020
Facebook Agrees to $550 Million Settlement in BIPA Class Action
Labor & Employment Law Update, February 4, 2020
Facebook Facing Massive Class Action Trial: Ninth Circuit Rules BIPA Class Action Can Proceed
Labor & Employment Law Update, August 12, 2019
Illinois Supreme Court Rules Actual Damages, Injury or Harm Not Necessary in Biometric Privacy Case
Labor & Employment Law Update, January 25, 2019

Education on Demand

Two of the Biggest Threats to Your Company’s Cybersecurity: The Cyber Hygiene Practices of Your Third-Party Service Providers and Your Employees
Join Amundsen Davis’s Cybersecurity & Data Privacy Service Group attorneys Molly Arranz, practice group chair, and John Williams, partner, for a timely Cybersecurity Awareness Month discussion on how to keep your organization safe.
More Info ›
Data Privacy and Security Concerns for Employers in 2023
During this presentation Molly Arranz and John Ochoa will review data privacy and security concerns for employers, including concerns related to the Biometric Privacy Act and the Genetic Information Privacy Act. They will review best practices and policies employers should have in place to avoid legal pitfalls.
More Info ›
Cyber Threat Actors Have their Eyes on the Construction Industry
It is not if, but when. Though construction companies—especially smaller ones—may believe it won’t happen to them, more and more companies have suffered or will suffer a “data incident” or cyber-attack in some form. In 2020, alone, small businesses were targeted 43% of the time, and malicious emails are up 600% due to COVID-19.
More Info ›
BIPA: The Ongoing Threat of Employee Class Actions and Recent Developments
The Biometric Illinois Privacy Act (BIPA) was enacted over 12 years ago and many questions are still being battled in court as employers and employees continue to navigate this biometric privacy law.
More Info ›