Privacy & Data Security

April 7, 2020

Partners Eric Troutman and Elliot Golding will participate as panelists in an upcoming webinar hosted by LeadsCouncil as part of its Leadership Series. This webinar will discuss the new Post-COVID Legal Environment and the impact it is having on outreach efforts to consumers, including lead generation and outbound calling. The session will also provide critical insights for what you need to know when calling into states with special COVID telemarketing laws as well as important…

Cyberblog

CMMC in the Age of COVID-19

By Fred W. Geldon & Jeffrey M. Weiner

April 7, 2020

While attention is necessarily focused on the nation’s response to COVID-19, defense contractors should not put aside the need to prepare to meet DoD’s Cybersecurity Maturity Model Certification (CMMC) requirements. In fact, early this month the CMMC Accreditation Body announced on its website it had signed a Memorandum of Understanding (MOU) with DoD related to implementing CMMC, and is working to make more information about the agreement public. Even if DoD’s phased CMMC rollout is delayed, it…

Data Privacy + Security Insider

City of LA Email Blunder Exposes COVID-19 Test Results to All Recipients

By Linn Foster Freedman

April 7, 2020

Although email seems to be the preferred method of communication during the coronavirus pandemic, an error made by a City of Los Angeles employee is one to learn from and avoid repeat. Unfortunately, when emailing COVID-19 results to multiple individuals, instead of blind copying the recipients with the results, a staff member from the City of Los Angeles typed the full email of the recipients in the To column, instead of in the Bcc column,…

Privacy Compliance & Data Security

Hungary Offers Employers a GDPR Compliance To Do List for Processing Data in the Pandemic

By Odia Kagan

April 7, 2020

Hungary’s Data Processing Authority offers a GDPR compliance to do list for employers. Collect and process only what you need Abide by the emergency laws Devise a pandemic contingency plan Adopt full transparency Read my detailed analysis on the Hungary Nemzeti Adatvédelmi és Információszabadság Hatóság guidance.…

Data Privacy Dish

CARES Act Brings Changes to Federal Substance Use Disorder Privacy Law

By Julie A. Sullivan & Renae M. Nanna

April 7, 2020

The Coronavirus Aid, Relief, and Economic Security Act (CARES Act), enacted March 27, 2020, rewrote significant portions of 42 U.S.C. § 290dd-2, the federal statute governing the confidentiality of substance use disorder (SUD) records that is more commonly known by its implementing regulations at 42 C.F.R. Part 2 (Part 2). Among other changes, the CARES Act revises the permissible uses and disclosures of SUD records to more closely align with the HIPAA Privacy Rule, 45…

Privacy Blog

New CCPA Lawsuit Against Zoom: Issues to Watch

By Sushila Chanana & Ashley Roybal-Reid

April 7, 2020

As large portions of society become subject to coronavirus-related quarantines, increasing numbers of people have turned to web-based communications platforms for classes, meetings, events, and socialization. One such platform, Zoom, has become, in some estimations, the most important app in the business world, and the single most downloaded mobile app in all of India. With such rapid expansion in its user base, there was bound to be increased focus on the company. Over…

Privacy Compliance & Data Security

FCC: Auto-Dialed Calls, Texts on Coronavirus Health and Safety Exempt From Consent Requirements

By Odia Kagan

April 7, 2020

The Federal Communications Commission clarifies that auto-dialed calls and SMS messages regarding COVID-19 are exempted from Telephone Consumer Protection Act (TCPA) consent requirements. Efforts to slow the spread of the disease depend on effective communications about measures to mitigate transmission of the illness, as well as other health and safety information. Automated calls to wireless numbers made necessary by imminent danger including “health risks” affecting health and safety are made for an emergency purpose and…

Privacy Compliance & Data Security

Global Privacy Assembly: Possible to Fight COVID-19 and Protect Privacy

By Odia Kagan

April 7, 2020

The Executive Committee of the Global Privacy Assembly (GPA) weighs in on data privacy and the coronavirus pandemic. The universal data protection principles in all our laws will enable the use of data in the public interest and still provide the protections the public expects. Data protection authorities stand ready to help facilitate swift and safe data sharing to fight COVID-19. Health data is considered sensitive across many jurisdictions, but work between data protection authorities…

Ride the Lightning

Lawyers: Don’t Be Afraid to Use Zoom

By Sharon Nelson

April 7, 2020

There has been a tidal wave of media stories about Zoom being insecure. So let’s get real – and practical. Lawyers are capable of using Zoom – and so are their clients. That’s a large part of why lawyers have glommed into Zoom. The basic functions are simple to master. I was struck by one of cybersecurity expert Bruce Schnier’s recent posts. As readers of RTL will know, I am a great fan of…

Socially Aware Blog

Computer Service Providers Face Implied Limits on CDA Immunity

By J. Alexander Lawrence & Janelle Hyun

April 7, 2020

Often lauded as the most important law for online speech, Section 230 of the Communications Decency Act (CDA) does not just protect popular websites like Facebook, YouTube and Google from defamation and other claims based on third-party content. It is also critically important to spyware and malware protection services that offer online filtration tools. Section 230(c)(2) grants broad immunity to any interactive computer service that blocks content it considers to be “obscene, lewd, lascivious,…