Kathleen Porter

Photo of Kathleen Porter

Kathy Porter's practice straddles the areas of intellectual property, business transactions, trade regulation, and Internet law and includes import/export control issues, such as compliance and enforcement, competition, privacy, and data security. She counsels businesses on the development and implementation of data security and privacy practices to comply with the patchwork of laws and rules applicable to the collection, use, safeguarding, sharing, and transfer of protected or personal data. She regularly structures arrangements with promoters, marketers, website exchanges, and other third parties for the purchase, sale, sharing, and safeguarding of personal data. Kathy prepares and negotiates representations, warranties, and indemnities regarding personal or protected data and privacy and data practices. She also assists clients with privacy audits and works with third-party certification organizations to obtain certification of companies' privacy practices. She guides clients through internal investigations to assess and address notice and other obligations regarding privacy breaches. Kathy often works closely with our litigation attorneys to manage external investigations such as those by federal or state regulators. Read her rc.com bio here.

Latest Articles

With more companies hiring, online recruiting scams have re-emerged to prey on job seekers and employers. The Better Business Bureau tracked more than 3,000 recruiting scams in the first 10 months of 2018 with losses in the million dollars. The online recruiting scam works this way: the scammer fraudulently uses a company’s name and logo, and perhaps the names of the company’s employees handling recruiting or human resources, to solicit applications from job seekers for…
Last week, the High Court of Ireland submitted eleven questions to the Court of Justice for the European Union (CJEU) to consider about the personal data transfer regime between the European Union (EU) and the United States. This referral stems from a new claim by Max Schrems, an Austrian lawyer and privacy activist. Schrems previously challenged the adequacy of the U.S. Safe Harbor data transfer regime to protect EU personal data transferred by technology companies…
Facebook reports that the personal data of 87 million Facebook users, mostly located in the United States, “may have been improperly shared” with British data analytics firm Cambridge Analytica. Previous estimates put the possible scope of improper sharing at about 50 million users. The increased number was calculated by Facebook by totaling the friends of the 270,000 Facebook users who permitted a researcher’s personality quiz app “thisisyourdigitallife” to collect and share personal data about the…
On March 30, 2018, Solicitor General Noel J. Francisco filed a motion with the U.S. Supreme Court in United States v. Microsoft Corporation that seeks to vacate the judgment of the U.S. Court of Appeals for the Second Circuit in the case (which held in favor of Microsoft) and to remand the case with directions to dismiss it as moot. The motion was submitted in response to the passage of the CLOUD Act on March…
On March 23, 2018, the President signed into law the Consolidated Appropriations Act of 2018 (H.R. 1625), an omnibus spending bill that includes the Clarifying Lawful Overseas Use of Data Act (the CLOUD Act). Among other provisions, the CLOUD Act amends the Stored Communications Act of 1986 (18 U.S.C. §§ 2701-2712, hereinafter the SCA) by adding a new § 2713 which states as follows: A provider of electronic communication service or remote computing…
Facebook and the English data analytics firm Cambridge Analytica (CA) are facing intense scrutiny in response to numerous reports about the possible misuse of data of 50 million Facebook accounts. The data was originally collected through a third party personality test app and later reportedly improperly transferred to CA and/or its parent company Strategic Communications Laboratories (SGL) and used to create target voters as part of CA’s political campaign consulting business. The App: The “thisisyourdigitallife”…
On March 16, David Carroll, a New York based American professor sued Cambridge Analytica (CA) in the U.K. courts, after the data analytics firm allegedly failed to respond to his request made pursuant to the U.K. Data Protection Act for his file of personal data held by CA, CA’s purpose for processing his data, and the persons and countries outside the E.U. with whom his data was shared. Carroll had heard CA’s CEO reportedly bragged…
This week, the world learned of widespread and serious vulnerabilities in most central processing units (CPU). CPUs manage the instructions received from the hardware and software running on a computer.  The vulnerabilities, named Meltdown and Spectre, affect virtually every computer existing today, in particular those with Intel, Advanced Micro Devices, Inc. (AMD), Nvidia and Arm Holdings (ARM) processors. Spectre and Meltdown essentially permit unauthorized access to an operating system’s secure and secret kernel memory, which…
As we approach calendar year end, traditionally the busiest period of the year for mergers and acquisitions, it is worth revisiting whether our existing competition law framework can and does properly assess the market power of big data. This spring, The Economist magazine joined the ranks of some antitrust regulators, particularly from the EU, in questioning whether today’s measures of anti-competitive behavior, whether the proposed activity would result in higher prices or unfair competition, don’t…
In an order issued on October 16, 2017, the U.S. Supreme Court granted certiorari in United States v. Microsoft Corporation, a case with potentially far-reaching implications for the privacy of electronic data maintained by technology companies across the globe. The case, which Robinson+Cole has previously discussed here, here, and here, arises from a warrant obtained by the Department of Justice (DOJ) under the Stored Communications Act (SCA).[1] The SCA was enacted…