Photo of Tracy Marshall

Tracy Marshall assists clients with a range of business and regulatory matters.

In the business and transactional area, Ms. Marshall advises for-profit and non-profit clients on corporate organization, operations, and governance matters, and assists clients with structuring and negotiating a variety of transactions, including purchase and sale, marketing, outsourcing, and e-commerce agreements.

In the privacy, data security, and advertising areas, she helps clients comply with privacy, data security, and consumer protection laws, including laws governing telemarketing and commercial e-mail messages, contests and sweepstakes, endorsements and testimonials, marketing to children, and data breach notification. Ms. Marshall also helps clients establish best practices for collecting, storing, sharing, and disposing of data, and manage outsourcing arrangements and transborder data flows. In addition, she assists with drafting and implementing internal privacy, data security, and breach notification policies, as well as public privacy policies and website terms and conditions.

As to intellectual property matters, Ms. Marshall helps clients protect their copyrights and trademarks through registration, enforcement actions, and licensing agreements.

She also represents clients in proceedings before the Federal Communications Commission and Federal Trade Commission.

Ms. Marshall is a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals (IAPP) and a contributing author of the Consumer Protection Connection blog and Beyond Telecom Law Blog.

On August 4, 2016, the Federal Communications Commission (FCC) released a Declaratory Ruling granting in part two separate petitions that were filed last year – one by the Edison Electric Institute and American Gas Association, and another by Blackboard, Inc. – regarding application of the Telephone Consumer Protection Act of 1991 (TCPA) to certain types

Lawsuits- class actions in particular- alleging violations of the Telephone Consumer Protection Act of 1991, 47 U.S.C. § 227 (“TCPA”) are on the rise.  The Federal Communications Commission (“FCC”) has also been actively engaged in TCPA enforcement, and just last month released a Declaratory Ruling clarifying that sellers may be held vicariously liable for TCPA

The Obama Administration’s consumer data privacy framework released last month will impact companies’ data collection, use, and retention practices, and raises complex legal issues. As explained in a recent article by Keller and Heckman LLP, the notion of codes of conduct developed through a multistakeholder process, to be enforced by the Federal Trade Commission (“FTC”),

Do you know whether and how your websites use “cookies” or other technologies to collect information from users and/or target advertising?  Do you know what information is being collected and how it is being used?  The Federal Trade Commission has endorsed an online “Do Not Track” mechanism, and recent inquiries, investigations, and lawsuits relating to

Companies should not assume that their general liability policies cover cyber attacks, and they should anticipate disputes from insurers when seeking defense and/or indemnity under these policies.  This is illustrated by a Complaint filed by Zurich Insurance Company in the Supreme Court of New York against various Sony entities relating to claims for coverage after

Online hacking, lost or stolen laptops, and improper disposal are just some of the ways that personal information that a company collects from customers and employees can get into the wrong hands and be used to commit identity theft.  There are a variety of laws that dictate how companies must respond to a data breach,