Nicole Kardell

ASSOCIATE
nicole kardell wide photo
Biography

Nicole approaches her legal practice from both a global and a business perspective: she advises clients in a way that factors the broader ramifications of the legal issue before them, in addition to practical considerations. In this, she strives for effective and efficient advocacy.

A member of Ifrah Law’s Privacy Law team, Nicole is a certified privacy professional with expertise in European privacy law (CIPP/E), in particular the GDPR. She helps companies to navigate the changing face of privacy regulations and to keep their business practices and partnerships in compliance with the law both domestically and abroad. She regularly advises clients on:

  • Public-facing privacy statements
  • Internal privacy policies
  • Data protection agreements
  • Data retention practices
  • Data breach response procedures
  • Employee privacy training

Helping to serve the firm’s litigation and enforcement practices, Nicole’s work also includes federal agency investigations and enforcement, bid protests and business litigation, and white collar defense. She has worked on matters involving the Federal Trade Commission, Department of Justice, Internal Revenue Service, Offices of Inspector General of several federal agencies, and Attorneys General of numerous states. Nicole also has worked on many matters in which clients have proactively opposed government action – before administrative as well as judicial bodies. When necessary, she has taken policy issues to congressional offices and committees.

Some of her representative matters include:

  • For a U.S.-based eSports company that operates in a number of jurisdictions around the globe, Nicole counseled on GDPR compliance measures and requirements, helping the company to revise its policies, notices and consents, identify E.U.-based compliance support, and strategize compliance best practices for their business.
  • For a U.S.-based online advertising company that is regularly rated as one of the top CPA networks, with clients worldwide, Nicole helped the company on ground-up GDPR compliance, including internal policies, partner contracts, customer-facing notices and consents, and compliance best practices. She continues to advise the company on GDPR compliance issues as questions arise.

 

Professional + Community

  • Certified Information Privacy Professional/Europe (CIPP/E) Certification, International Association of Privacy Professionals
  • President and Member of the Board of Directors of the Alliance Francaise de Charlottesville
  • Former Member of the Board of Trustees for the International School of Charlottesville
  • Regular Contributor for the Foundation for Economic Education
Publications + Presentations
September 25, 2019 | Publication

"The Definitive Guide to Online Gaming and Betting in the U.S."

Comprehensive eBook from Ifrah Law, available as a complimentary download

Read more

November 8, 2017 | Publication

"The Legal Fallout For Harvey Weinstein’s Hired Hands"

Law360

Read more

July 20, 2015 | Publication

"The Spy In Your Pocket"

FEE.org

Read more

April 15, 2015 | Presentation

A. Jeff Ifrah, Moderator, "Mock Trial: United States v. Ginger McKenna", iGNA 2015, Planet Hollywood Resort & Casino in Las Vegas, Nevada

Read more

March 17, 2015 | Publication

"Bureaucracy Unlimited"

FEE.org

Read more

January 20, 2015 | Publication

"You’ll Never Guess Who’s Trying to Hack Your iPhone"

FEE.org

Read more

March 2014 | Publication

"Because We Have To", Career College Central

Read more

January 2014 | Publication

"Anticipating Gainful", Career College Central

Read more

November 2013 | Publication

"Your Other Regulatory Concern", Career College Central

Read more

March 2008 | Publication

"Are You Prepared For a Government Probe?", National Defense Magazine

Case Studies

Securing Dismissal of a False Claims Qui Tam Suit

Jeff Ifrah successfully represented global health care leader Merck in a False Claims Act qui tam suit and got the case dismissed.

The suit involved a whistleblower that worked for a health care buying company (a group purchasing organization that purchases supplies and drugs). Terminated from the buying group, the employee alleged she was retaliated against because of issues she raised about the buying process.

The case was brought before the U.S. District Court for the Northern District of Texas, and 18 drug companies were named as defendants in an alleged bribery scheme. Jeff represented Merck, which was one of the named defendants. He filed a successful motion to dismiss the complaint, based on the former employee’s alarming lack of specificity in her claim.

Not only was our motion to dismiss successful, it was efficient: Jeff won the dismissal roughly one year after Merck and the other defendants were originally served.

(United States ex rel. Fitzgerald v. Novation LLC, et al., S.D. Tex., No. 3:03-CV-01589))

Blog Posts
April 15, 2020

FTC Enforcement reminds Companies to live up their Promises

FTC Enforcement reminds Companies to live up their Promises

The FTC recently announced its settlement with Tapplock, Inc., a maker of smart padlocks (Internet-connected fingerprint-enabled padlocks that you can use in lieu of old-fashioned combo locks). The FTC investigated the Canadian-based company for its allegedly false claims that its Internet-connected smart locks were designed to be “unbreakable” and that the company took reasonable steps… Read More

April 8, 2020

Failure to Certify: Companies That Falsely Claim They Are Privacy Shield Certified or Let Their Certification Lapse Face Enforcement Action.

Failure to Certify: Companies That Falsely Claim They Are Privacy Shield Certified or Let Their Certification Lapse Face Enforcement Action.

Does your company’s privacy policy include a claim that it is Privacy-Shield certified? If so, you should ensure that it is, in fact, certified and that the certification has not lapsed. Failures in this area are low-hanging fruit for government enforcement actions.   A little background on the Privacy Shield Framework.  The U.S. Privacy Shield framework… Read More

April 7, 2020

Telemarketing Restrictions During State of Emergency

Telemarketing Restrictions During State of Emergency

  If part of your marketing plan involves calls to consumers, please be aware of additional telemarketing restrictions in some states (presently New York and Louisiana) during a state of emergency.   New York New York recently enacted a law to prohibit unsolicited telemarketing calls during a state of emergency. Since New York Governor Andrew Cuomo… Read More

March 26, 2020

Privacy Pointers for Employees of the Teleworking World

Privacy Pointers for Employees of the Teleworking World

Work got a lot more personal when it moved in with my family. For people used to keeping a healthy divide between their business and personal lives, the new telework dynamic can be particularly stressful. That “healthy divide” can crumble under the weight of quarantine as tiny voices (kids and pets) infiltrate teleconference and video… Read More

March 25, 2020

Telework: Businesses Need Smart Practices ASAP to Reduce the Threat of Data Security Incidents. Here’s the Quick and Dirty of Smart Practices

Telework: Businesses Need Smart Practices ASAP to Reduce the Threat of Data Security Incidents. Here’s the Quick and Dirty of Smart Practices

COVID19 is not the only viral threat we face these days. Malware is a very real vulnerability for businesses large and small, among a host of other data security threats.   We have rapidly transitioned to telework. For many (perhaps most) businesses, that transition took place without a clear inventory of hardware leaving the office and… Read More

Crime in the Suites | FTC Beat | Ifrah on iGaming