Photo of Molly A. Arranz

Molly A. Arranz



University of Wisconsin Law School, J.D.

Marquette University, B.A., magna cum laude and Phi Beta Kappa

Certified Privacy Professional (CIPP-US) 




For Molly Arranz, being a lawyer is about being an advocate. Growing up, she witnessed legal challenges her father faced while he ran his own, small business—issues that resulted from his not finding necessary legal assistance for his company’s needs. Her decision to go to law school stemmed from her desire to address this gap and provide legal support for businesses like the one her father owned.

Molly is the chair of SmithAmundsen’s Data Privacy and Security Practice Group. She is a certified privacy professional (CIPP-US) and a recognized Privacy Law Specialist by the American Bar Association. Molly regularly advises companies about how to protect against, and respond to, cyber and privacy invasions, and has provided compliance counseling to a global provider of cloud services. Molly also counsels clients on compliance considerations involving consumer protection regulations, data privacy practices, notification and consent requirements, including the requirements of the Illinois Biometric Privacy Act (BIPA), and advertising regulations.

Molly is a partner in the firm’s Class Action Practice Group. She has defended more than 80 class actions involving a range of legal theories, including privacy violations, consumer fraud, breach of contract, breach of warranty and misrepresentation. She defends clients in claims arising from BIPA, the Fair & Accurate Credit Transactions Act (FACTA), the Fair Credit Reporting Act (FCRA), the Fair Labor Standards Act (FLSA), the Telephone Consumer Protection Act (TCPA), the Chicago Residential Landlord and Tenant Ordinance (RLTO), CERCLA, the Clean Water Act, and RCRA. She represents a wide variety of companies from small family-owned businesses to Fortune 500 companies.

In her career, Molly has also defended more than 75 mass tort cases involving claims arising from allegations of exposure to asbestos, silica and benzene.

Molly litigates in federal and state courts throughout the country. She briefed and then argued issues of statutory construction in front of the 11th Circuit, in a class action arising out of the Telephone Consumer Protection Act and Federal Communication Commission regulations. In another class action arising from consumer claims, she first defeated class certification and then tried the case to a defense verdict. Thereafter, she briefed, argued and won the appeal before the D.C. Court of Appeals.

Outside of practicing law, Molly participates in community, school and church organizations. An avid sports fan, she has volunteered at her daughter’s school as an assistant basketball coach and is currently part of a women’s league north of the city.


  • Selected to the Illinois Super Lawyers List: 2021
  • Selected to the Illinois Super Lawyers List of Rising Stars: 2011, 2013

Memberships & Involvement

  • Co-Chair: SmithAmundsen Committee for Diversity and Inclusion
  • Member: International Association of Privacy Professionals; American Bar Association; Wisconsin Bar Association

Court Admissions: Illinois; Wisconsin; U.S. Court of Appeals Seventh Circuit; U.S. Court of Appeals Eleventh Circuit; U.S. District Court, Central District of Illinois; U.S. District Court, Northern District of Illinois; U.S. District Court, Northern District of Indiana; U.S. District Court, Eastern District of Michigan; U.S. District Court, Western District of Michigan; and, U.S. District Court, Eastern District of Wisconsin.

Pro Hac Vice Admissions: Florida; Indiana; Arizona; District of Columbia; U.S. District Court, District of Connecticut; U.S. District Court, Southern District of Florida; U.S. District Court, Eastern District of Missouri; U.S. District Court, Middle District of North Carolina; and, U.S. District Court, Eastern District of Pennsylvania.


Class Action

  • Obtained summary judgment on behalf of one of the nation’s leading providers of transportation services in a class action wherein the putative, nationwide class alleged violations of the Fair Credit Reporting Act; the judgment in favor of the defendant also resulted in a denial of the pending motion for class certification
  • Obtained a verdict in favor of the corporate-defendant and individual-defendant in a trial alleging violations of the Telephone Consumer Protection Act
  • Obtained judgment on behalf of a small company in a Florida class action case by showing no vicarious liability for the alleged infractions of the federal statute at issue
  • Obtained dismissal with prejudice of a case, on the first day of an expected two week trial, based upon the theory that damages sought were not compensable under Illinois law and won the issue on appeal, which presented an issue of first impression
  • Obtained summary judgment on behalf of a major bank in a case alleging injuries from exposure to purported toxic mold, where plaintiff alleged potential damages over $1 million
  • Successfully defeated class certification in a Telephone Consumer Protection Act case in Washington D.C. based on various grounds, including that plaintiff was an inadequate representative, that common questions did not predominate and that the class action procedure was not the superior mode of adjudication
  • Won on a motion for partial summary judgment in a Telephone Consumer Protection Act case in federal court in Florida by demonstrating a lack of authority for over two-thirds of the advertisements at issue, thereby reducing potential class recovery by over $2 million
  • Successfully defeated class certification in two landlord-tenant class actions in Chicago based, in part, on evidence marshaled to demonstrate individual defenses to the named plaintiffs’ claims

Data Privacy 

  • Assisted an accounting firm that suffered a data breach orchestrated by overseas hackers that resulted in fraudulent tax returns being filed, including coordinating a response with the local FBI field office, an outside computer forensics firm, and two states attorneys general as to the response and data breach notification
  • Coordinated the response when a small company suffered a data incident after an employee’s laptop was stolen and never recovered, including analyzing the encryption and password protections, together with the extent of PII potentially exposed, advising on any legal responsibilities for notice under applicable states’ laws, and generated an executive summary regarding our assessment
  • Assisted a multi-national company in responding to three, separate data incidents, including use of an unencrypted thumb-drive, potential exposure of sensitive data and the errant storage of a back-up server where unauthorized individuals may have gained access, and assessed and summarized the legal implications based upon four states’ privacy acts
  • Coordinated with the first-responders as to a ransomware attack from overseas, including review of the forensic examination, assessment of any actual exfiltration of data, and analysis of various states’ requirements on notification based upon the data and expert review of the data
  • Advising an insurance provider, with a national reach, on compliance with New York’s Cybersecurity Regulations and other states enacting similar regulations and laws geared toward insurance carriers and based upon the Model Law
  • Advising subsidiaries of a national bank as to compliance considerations for the California Consumer Protection Act

News & Press Releases


Presentations & Events