Privacy Law Blog

Blog Authors

AB C DEF G HIJ K L M N O P Q R S TUVWXY Z

Om V. Alladi

Michelle E. Arnold

Vanessa P. Avello

Latest from Privacy Law Blog

Privacy Law Blog

One More Year: Attorney General Issues Final Regulations as CA Legislature Delays Some Compliance Obligations

By Ryan Blaney & Christina H. Kroll

September 15, 2020

Qualifying businesses have another year to complying with certain, major provisions of the CCPA. The CCPA, or the California Consumer Privacy Act of 2018, is a California law that gives California consumers, defined broadly to encompass all California residents, certain rights with respect to their personal information. Namely, it gives consumers the right to know about the personal information that businesses collect about them; the right to know what businesses do with that information; and,…

Privacy Law Blog

One Cross-Border Mechanism Invalid, Another Upheld: Thoughts after the CJEU’s Schrems II Decision

By Ryan Blaney

July 21, 2020

On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated Decision 2016/1250 on the adequacy of the protection provided by the EU-US Privacy Shield, ruling, among other things, that U.S. domestic law governing law enforcement access to transferred data does not satisfy the GDPR’s requirements because, as the Court stated, U.S. surveillance programs are not limited to “what is strictly necessary to achieve the legitimate objective in question”. In a…

Privacy Law Blog

CCPA: California Attorney General Releases Final Proposed Regulations

By Christina H. Kroll

June 18, 2020

On June 1, 2020, the California Attorney General’s office released the third and final set of CCPA proposed regulations (available here). Below, we provide information about the final proposed regulations and enforcement actions.…

Privacy Law Blog

Cybersecurity: SEC and Other Regulators

By Margaret A. Dale, Alexandra V. Bargoot, Anthony M. Drenzek & Samuel J. Waldon

May 21, 2020

In today’s world, cybersecurity breaches and threats are pervasive concerns for any business entity, without exception. Working from home arrangements due to COVID-19 constraints only magnify the risk and create further vulnerabilities for companies. Companies should be aware of (1) the key cyber threats they face, (2) the consequences of a breach, and (3) the statutory and regulatory framework governing cybersecurity. Cybersecurity breaches are unique in that an entity can both be the victim of …

Privacy Law Blog

French DPA Issues Guidance Surrounding Practice of Web Scraping

By Jeffrey Neuburger, Stéphanie Martinier, Jonathan Mollod & Mathilde Pepin

May 13, 2020

On April 30, 2020, the French data protection authority, the CNIL, published a guidance surrounding considerations behind what it calls “commercial prospecting,” meaning scraping publicly available website data to obtain individuals’ contact info for purposes of selling such data to third parties for direct marketing purposes. The guidance is significant in two respects. First, it speaks to the CNIL’s view of this activity in the context of the GDPR and privacy concerns. Second, beyond…

Privacy Law Blog

Trends in Privacy and Data Security

By Jeffrey Neuburger

April 17, 2020

Privacy and cybersecurity remain top priorities for regulators and companies alike, as the threats posed by large-scale data breaches and other cyber incidents show no signs of waning. Companies and their counsel must monitor privacy and data security-related enforcement trends, new laws and regulations, and key emerging issues to mitigate risks and minimize potential liability. Read our Practical Law article for an overview of recent privacy and data security legal developments (pre COVID-19). …

Privacy Law Blog

FTC Issues New Guidance on Artificial Intelligence Technology

By Colin Kass, David Munkittrick & Nicollette R. Moser

April 15, 2020

In the largest piece to come out of the FTC’s new focus on emerging technologies, the FTC Bureau of Consumer Protection issued new guidance on the use of artificial intelligence (“AI”) and algorithms. The guidance follows up on a 2018 hearing where the FTC explored AI, algorithms, and predicative analysis. As the FTC recognizes, these technologies already pervade the modern economy. They influence consumer decision making – from what video to watch next, to what…

Privacy Law Blog

HHS to Exercise Enforcement Discretion to Permit HIPAA Business Associates to Use and Disclose PHI to Public Health Authorities during the COVID-19 Health Crisis

By Ryan Blaney

April 3, 2020

On April 2, 2020, the Office for Civil Rights (OCR) at the U.S Department of Health and Human Services released a notification related to the discretion that OCR will exercise concerning HIPAA enforcement during the COVID-19 public health emergency. Effective immediately, OCR will not impose penalties for violations of certain provisions of the HIPAA Privacy Rule against business associates for “good faith uses and disclosures of PHI by business associates for public health and health…

Privacy Law Blog

Amid Pandemic Remaining New York SHIELD Act Data Security Requirements Have Taken Effect

By Stephanie A. Diehl

April 2, 2020

The developing coronavirus pandemic affects businesses and personnel within the state and elsewhere. With more New Yorkers working from home, there are more opportunities for cyberattacks through unsecure remote connections and the public concern growing each day. The New York SHIELD (“Stop Hacks and Improve Electronic Data Security”) Act was signed to law on July 25, 2019. It is an amendment to New York’s data breach notification law. The SHIELD Act provides a…

Privacy Law Blog

FTC Ramps up COVID-19 Activity After Improving its Data Security Enforcement Orders

By Ryan Blaney, Stephanie Kapinos & Kevin Milewski

March 31, 2020

With the spread of the novel coronavirus (COVID-19), cybersecurity criminals and scammers are ramping up their efforts to target vulnerable employers and workforces. The FTC announced today that since January they have received more than 7,800 fraud complaints from consumers related to the COVID-19 pandemic. But the FTC isn’t slowing down either. Even with the FTC having to change its own procedures due to COVID-19, the FTC has been publishing guidance on COVID-19 scams and…

Privacy Law Blog

Blog Authors

One More Year: Attorney General Issues Final Regulations as CA Legislature Delays Some Compliance Obligations

One Cross-Border Mechanism Invalid, Another Upheld: Thoughts after the CJEU’s Schrems II Decision

CCPA: California Attorney General Releases Final Proposed Regulations

Cybersecurity: SEC and Other Regulators

French DPA Issues Guidance Surrounding Practice of Web Scraping

Trends in Privacy and Data Security

FTC Issues New Guidance on Artificial Intelligence Technology

HHS to Exercise Enforcement Discretion to Permit HIPAA Business Associates to Use and Disclose PHI to Public Health Authorities during the COVID-19 Health Crisis

Amid Pandemic Remaining New York SHIELD Act Data Security Requirements Have Taken Effect

FTC Ramps up COVID-19 Activity After Improving its Data Security Enforcement Orders

Stay Connected

Company

Products

Support

New to the Network