Photo of Tracy Marshall

Tracy Marshall counsels international and domestic for-profit and non-profit clients on a range of privacy, data security, advertising, promotions, and intellectual property matters. She also advises on general corporate and transactional matters.

Tracy assists clients with compliance and advocates on their behalf. She is a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals (IAPP) and helps clients implement privacy, data security, and security breach response programs, develop internal and public-facing privacy policies to comply with applicable laws, respond to cyber and data security incidents, and manage relationships with service providers and third parties. Tracy advises on structuring and conducting email and text messaging campaigns, sweepstakes, contests, and other promotions, and she helps clients protect and enforce their intellectual property rights.

In addition, Tracy counsels clients on corporate matters and assists with structuring and negotiating a variety of transactions, including licensing, marketing, and outsourcing arrangements.

Tracy is frequently invited to speak at privacy, data security, telecommunications, and advertising conferences and is a contributor to Keller and Heckman’s Consumer Protection Connection blog and Beyond Telecom Law Blog.


To learn more about Tracy's practice areas, click here.

Keller and Heckman Partners Jim Baller, Casey Lide, Tracy Marshall, Sean Stokes, and Wes Wright will present at a workshop during the Broadband Communities Summit to take place in Houston, Texas on May 2-5, 2022. The summit will feature presentations by community leaders focusing on providing high-speed broadband networks. It will also address the key

On August 4, 2016, the Federal Communications Commission (FCC) released a Declaratory Ruling granting in part two separate petitions that were filed last year – one by the Edison Electric Institute and American Gas Association, and another by Blackboard, Inc. – regarding application of the Telephone Consumer Protection Act of 1991 (TCPA) to certain types

Lawsuits- class actions in particular- alleging violations of the Telephone Consumer Protection Act of 1991, 47 U.S.C. § 227 (“TCPA”) are on the rise.  The Federal Communications Commission (“FCC”) has also been actively engaged in TCPA enforcement, and just last month released a Declaratory Ruling clarifying that sellers may be held vicariously liable for TCPA

The Obama Administration’s consumer data privacy framework released last month will impact companies’ data collection, use, and retention practices, and raises complex legal issues. As explained in a recent article by Keller and Heckman LLP, the notion of codes of conduct developed through a multistakeholder process, to be enforced by the Federal Trade Commission (“FTC”),

Do you know whether and how your websites use “cookies” or other technologies to collect information from users and/or target advertising?  Do you know what information is being collected and how it is being used?  The Federal Trade Commission has endorsed an online “Do Not Track” mechanism, and recent inquiries, investigations, and lawsuits relating to

Companies should not assume that their general liability policies cover cyber attacks, and they should anticipate disputes from insurers when seeking defense and/or indemnity under these policies.  This is illustrated by a Complaint filed by Zurich Insurance Company in the Supreme Court of New York against various Sony entities relating to claims for coverage after

Online hacking, lost or stolen laptops, and improper disposal are just some of the ways that personal information that a company collects from customers and employees can get into the wrong hands and be used to commit identity theft.  There are a variety of laws that dictate how companies must respond to a data breach,