Features
John Beardwood
&
Shan Arora
Part Two In a Series
Part One of this series introduced the history of Canada's recently introduced Consumer Privacy Protection Act and reviewed the similarities with GDPR, such as data portability, the right not be forgotten, codes of practice, and a safe harbor provision. Part Two analyzes the new compliance requirement of valid consent.
Features
Tinamarie Feil
While new and/or improving technologies may be challenging, they likely also present new opportunities which can facilitate delivering the best services at the best cost. Some solutions can be handled directly by law firms — but others will require the courts to approve, and, perhaps, even change of procedures to get with the times.
Features
Marc Lieberstein
&
Raymond Aghaian
We are increasingly hearing about security breaches, data leaks and other kind of data theft in the franchise world. This is because frequently the franchise systems operate as a connected mass of franchisees all of whom collect, store and transmit a diverse array of consumer and personal data to the franchisor. In other words, franchisors and franchisee make a nice easy target for cyber theft.
Features
Isha Marathe
Some cybersecurity experts think the structure of law in the U.S. itself means that truly fighting against growing threat actors is a losing game. Take, for example, the fact that attorneys are largely limited by jurisdictional licensure requirements. While on the other hand, bad actors are often organized, unsaddled by jurisdictional challenges, and able to function as a large decentralized group.
Features
Cassandre Coyer
New York has become the first state to add a requirement mandating that lawyers take legal education courses in cybersecurity, privacy and data protection. As cyberthreats will likely continue to both grow and evolve in sophistication, attorneys expect this requirement to be only a first step, with more states likely to soon follow.
Features
David Horrigan
This article looks beyond conspiracy theories and Secret Service slip-ups — or subterfuge, depending on one's perspective — to take a look at the law and technology of texts in e-discovery.
Features
Rita W. Garry
While the ADPPA represents compromises between Democratic and Republican leadership of the U.S. Senate and House of Representatives, particularly around the thorny issues of state law preemption and private rights of action, there are other legislative and big tech industry players pushing their own agendas for comprehensive national data privacy and security frameworks.
Features
John Beardwood
&
Shan Arora
Part One In a Series
This article, which reviews the Canadian Consumer Privacy Protection Act, first seeks to identify the delta between the Act and PIPEDA in order to allow privacy officers of organizations that are already PIPEDA compliant to identify the net new compliance requirements under the Act and second, to highlight the provisions of the Act which, if breached, could lead to the imposition of significant fines.
Features
Angela Matney
In light of the evolving legal and regulatory landscape, app developers and their counsel should examine developers' privacy and security practices and take steps to safeguard sensitive data related to reproductive health.
Features
Kyle Fath, Alan Friel, Shea Leitch
&
David J. Oberly
While the the California Privacy Protection Agency kicked some of the more difficult issues down the road for further consideration, its first draft of proposed Regs is quite comprehensive with respect to the issues addressed. The authority for some of what is proposed is questionable and will likely be challenged in comments, if not judicial action, if such provisions become final.
