Photo of Linn Foster Freedman

Linn Foster Freedman

Subscribe to Linn Foster Freedman's Posts

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chairs the firm’s Data Privacy and Security and Artificial Intelligence Teams. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Contact:Read more about Linn Foster Freedman

In an excellent blog post, “Avoiding AI Pitfalls in 2026: Lessons Learned from Top 2025 Incidents,” ISACA’s Mary Carmichael summarizes lessons learned from top incidents in 2025 using MIT’s AI Incident Database and risk domains. According to Carmichael, an analysis of the incidents showed recurring patterns across different risk domains, including privacy, security

On December 17, 2025, the Federal Trade Commission (FTC) issued a press release announcing that it is taking action against Illusory Systems, Inc. “for failing to implement adequate data security measures, leading to a major security breach in which hackers stole $186 million from consumers.”

In its complaint, the FTC alleged that Illusory, doing business

On November 24, 2025, the Cybersecurity & Infrastructure Security Agency (CISA) issued an alert titled “Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications,” which outlines how “multiple cyber threat actors” are “leveraging commercial spyware to target users of mobile messaging applications.”

The threat actors “use sophisticated targeting and social engineering techniques to

On December 1, 2025, the Federal Trade Commission (FTC) approved a proposed complaint and order against Illuminate Education, Inc., an education technology provider requiring it to “to implement a data security program and delete unnecessary data to settle allegations that the company’s data security failures led to a major data breach, which allowed hackers to

In its 40th anniversary report, Trouble in Toyland 2025, the Public Interest Research Group (PIRG) warns that “[T]oys with artificial intelligence bots or toxics present hidden dangers. Tests show A.I. toys can have disturbing conversations. Other concerns include unsafe or counterfeit toys bought online.”

The report outlines PIRG’s testing of four toys (Curio’s Grok

On November 21, 2025, in a lengthy decision, U.S. District Judge for the Eastern District of Pennsylvania Mark A. Kearney quashed a subpoena issued by the U.S. Department of Justice (DOJ) to Children’s Hospital of Pennsylvania’s Gender and Sexuality Development Program (CHOP) seeking documents:

 (1) identifying the names, addresses, and social security numbers of