Data Counsel

Commentary Addressing Risks and Opportunities Through the Lifecycle of Data, Technology, Advertising and Innovation

Latest from Data Counsel

On Oct. 28, a joint cybersecurity advisory was published by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Department of Health & Human Services. The advisory warned of an imminent cybercrime threat to U.S. hospitals and healthcare providers – specifically that a large-scale ransomware attack may be on the very near horizon. BakerHostetler’s coverage of the initial alert, including proactive measures organizations can take, can be found here.…
The Department of Health and Human Services’ (HHS)’ Office of the National Coordinator (ONC) published an interim final rule today delaying several key compliance deadlines in the ONC 21st Century Cures Act final rule – including that of the information blocking provisions, which were slated to become effective on November 2, 2020 – until April 5, 2021. According to the ONC press release, the decision to delay the information blocking compliance deadline was made to…
BakerHostetler is closely monitoring a Cybersecurity Advisory issued jointly by several government agencies including the United States Department of Health and Human Services (HHS) and the FBI, on October 28. The Advisory warns of an imminent cybercrime threat to U.S. hospitals and healthcare providers with the purpose of infecting systems with Ryuk ransomware for financial gain. Read more
On Monday, Oct. 12, the California Office of the Attorney General (the Attorney General or OAG) released a third set of proposed modifications to the California Consumer Privacy Act (CCPA) regulations (the Regulations). The full text can be found on the Attorney General’s website here. The proposed modifications to the Regulations are limited to four sections. While the proposed changes are relatively minor in substance, they nevertheless provide helpful and important guidance on the…
Partner Jeewon Kim Serrato co-authored an article published in the California Lawyer Association’s Fall 2020 issue of the “Competition Journal” of the Antitrust, UCL and Privacy Section.  The article, “Privacy, Pricing, and the Value of Consumer Data: Complex Nature of the CCPA’s Non-Discrimination Requirement,” discusses the intersection of privacy and competition law and provides an in-depth examination of the non-discrimination right under the California Consumer Privacy Act, which is a first-of-its-kind law to require companies to…
Ransomware has hit pandemic proportions and there does not seem to be a clear end in sight. On October 1, 2020, the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory regarding ransom payments and the risk of sanctions associated with such payments. Background Ransomware has been around for decades. For many years, ransomware was more of a nuisance issue only involving a small number of computers than a real business disrupter.…
Blockchain technology is widely anticipated to disrupt major industries and business operations over the next several years. But with all of the “hype” in the blockchain market, at times it can be difficult to separate fact from fiction and identify the real value in this new technology. To help bring things into focus, we’ve crafted a five-part series to introduce blockchain from a technological, market, and legal perspective. Our first episode provides an introduction to…
The California Consumer Privacy Act (CCPA) does not in itself outline specific employee training or record-keeping requirements that demonstrate business compliance with the law. However, the California attorney general’s final CCPA Regulations, intended to guide the application of the CCPA, detail that specific types of employee training and record-keeping are required for CCPA compliance. Specifically, the Regulations require that people who handle inquiries related to a business’s privacy practices, CCPA compliance or CCPA-related consumer…
While most privacy news and alerts have been focused on the collection and processing of customer data (see our earlier posts about interest-based advertising and the House Judiciary Committee’s Antitrust Hearing with Big Tech, for example), privacy issues related to data collected from employees and business-to-business (B2B) contacts increasingly are becoming a concern for businesses. As we have highlighted in the past, laws outside the U.S., like the EU General Data Protection Regulation (GDPR),…
The Interactive Advertising Bureau (IAB), a leading advertising industry organization, has launched a CCPA Benchmark Survey to assess how companies across the digital advertising ecosystem are approaching CCPA compliance. The survey provides an opportunity for companies to anonymously report on their handling of various CCPA matters, including to provide statistics relating to the number of access, deletion, and “Do Not Sell” requests organizations have received, and to weigh in on the vexing issue of whether…