Mary J. Hildebrand, Chair of the Privacy & Cybersecurity group, is quoted in Compliance Week in an article on how state laws are filling in the federal privacy data void and why New York State's privacy legislation is important. She says it puts “more companies at issue since it includes far more companies under its jurisdiction. State law also allows private causes of action for violating the New York Privacy Act, although New York might make the individual litigant prove damages.” Hildebrand adds that “[c]ompanies seeking to comply [with the New York Privacy Act] will be confronted by complexity and entirely new (and ill-defined) concepts such as ‘data fiduciary’ and ‘privacy risk’ … [and that] in any merger or acquisition that involves the transfer of personal data associated with a New York state resident, affirmative consent to the transfer must be obtained from each New York resident before the transfer is permitted to occur.”