Privacy Zone

Where technology and intellectual property meet privacy

As of July 1, 2020, the California Attorney General began enforcing the California Consumer Privacy Act (CCPA). While many details about CCPA enforcement remain uncertain, many states have enacted or will enact their own privacy laws. Businesses clearly must wrestle with this mosaic of new and emerging privacy restrictions.  Some industries have explored legal challenges to these statutes. One of these legal challenge, against a new Maine privacy law, was just defeated. In February…
Today the U.S. Supreme Court found in Barr v. American Association of Political Consultants, Inc. that the federal debt collection exemption to the Telephone Consumer Protection Act’s general prohibition on autodialed calls violates the First Amendment.  The Supreme Court held that the exemption was a content-based restriction on speech because it favors speech made for the purpose of collecting government debt over political and other speech.  Such content-based restrictions are subject to the “strict…
The California Consumer Privacy Act (CCPA) went into effect on January 1, 2020, and enforcement begins tomorrow, July 1, 2020.  Is your privacy policy compliant?  Here are a few quick questions that may help you determine the answer – Does your privacy policy have a “last updated” date that is less than a year old? Do you fully identify the personal information that your company collects? Do you fully explain the purposes for which you…
The question is – do wiretapping statutes apply in cases where there is no traditional third party interceptor?  And more practically speaking, how does an entity using plug-ins and cookies avoid liability under wiretapping statutes while there is so much uncertainty in the law? We previously blogged about this issue In re: Facebook, Inc. Internet Tracking Litigation (here).  We reported how: (i) the district court dismissed the plaintiff’s action, which brought claims under,…
Articles summarizing CCPA often state that it applies to for-profit businesses that do business in California that satisfy certain criteria, and they fail to ever mention that CCPA does apply to some non-profits. The CCPA defines “business” as “a sole proprietorship, partnership, limited liability company, corporation, association, or other legal entity that is organized or operated for the profit or financial benefit of its shareholders or other owners, that collects consumers’ personal information, or on…
On May 28, President Donald Trump issued an executive order on preventing online censorship targeting the Communications Decency Act, or CDA, titled “Protection for good Samaritan blocking and screening of offensive material.”[1] While there remain serious doubts as to the legality of the order, including the extent to which it is a constitutionally impermissible viewpoint-based regulation of speech, the order makes it clear that the Trump administration will be urging, or even directing, regulators to…
In the United States, transparency is the name of the game in privacy law.  (This is in contrast to the GDPR, which is focused on creating a “privacy by design” legal framework.)  Consistent with this trend with U.S. privacy laws is New York’s Public Oversight of Surveillance Technology Act (POST Act), which is expected to become law in the next month. While the POST Act has been pending for years, the bill gained momentum in…
On June 1, 2020, the California Attorney General submitted the final text of the California Consumer Privacy Act (CCPA) regulations to the California Office of Administrative Law (OAL) for approval, which are substantially the same as the draft regulations released on March 11, 2020.  Despite the ongoing development of the regulations, the CCPA took effect on January 1, and the enforcement of the CCPA is slated to begin on July 1, 2020, regardless of whether…
With many businesses still hitting the “pause” button and employees working remotely for at least the foreseeable future, it is a great time to start considering whether the emerging trend of data privacy regulations may apply to your business, and if so, to start mapping out the steps towards compliance and overall better privacy hygiene. The CCPA enforcement date (July 1, 2020) has yet to be pushed back, and many companies have already lost the…
Starting last month, companies around the United States started to reopen their doors to their employees and customers, but not without first considering what “checks” should be done to ensure a safe environment for all.  Temperature checks, COVID-19 testing, symptom reporting, travel history questionnaires, geolocation tracking and other surveillance measures, and even using AI to intercept communications where relevant information, like symptoms, are self-reported are among the measures that businesses are taking. Companies are also…