-
Cybersecurity Law & Strategy
United Kingdom Approves Online Safety Bill; Making Social Media Companies Responsible
Peter Brown
The United Kingdom's Online Safety Bill makes social media companies responsible to prevent and remove illegal or dangerous content, including posts relating to terrorism, child exploitation, hate crimes or fraud.
Read More ›
-
Cybersecurity Law & Strategy
New Jersey Looks to Other States In Enacting Data Privacy Legislation
John T. Wolak and William C. Martinez
At this juncture New Jersey stands at a crossroad, with the Legislature facing important choices on the scope and terms of comprehensive privacy legislation that will have a dramatic impact on business operations as well as the individual rights of New Jersey residents.
Read More ›
-
Cybersecurity Law & Strategy
In Case You Missed It: AI Ethics, Algorithms and Other Takeaways from the First-Ever IAPP AI Conference
Isha Marathe
The conference’s panels and keynotes looked to connect the dots between the tools governments and individuals have in the age of AI to protect themselves — and the tools they will need to develop.
Read More ›
-
Cybersecurity Law & Strategy
INFOGRAPHIC: Keeping Up with the Evolving Patchwork of Laws: An Interactive Map of State Privacy Laws
CLS Staff
An Interactive Map of State Privacy Laws
Read More ›
-
Cybersecurity Law & Strategy
California Privacy Bill Could Upend the Way Data Brokers Do Business In the Golden State
Maria Dinzeo
A California privacy bill that will give consumers the power to delete their personal information through a single request may soon become law, and could upend the way data brokers, advertisers and publishers do business in the Golden State.
Read More ›
-
Cybersecurity Law & Strategy
The EU-U.S. Data Privacy Framework: Did Transferring Personal Data from the EU to the U.S. Just Get Easier?
Wim Nauwelaerts
Businesses and organizations that (regularly) transfer personal data from the EU to the U.S. should carefully assess, on a case-by-case basis, whether it makes sense to rely on the new EU-U.S. Data Privacy Framework or to use one of the other data transfer tools that are available under the GDPR.
Read More ›
-
Cybersecurity Law & Strategy
Florida’s New Data Privacy Bill Is an Outlier, Going Both Broad and Narrow
Cassandre Coyer
The Florida law, which will go into effect on July 1, 2024, positions itself as an outlier among other state data privacy regulations.
Read More ›
-
Cybersecurity Law & Strategy
Preparing Companies for Impending Data Privacy, Cybersecurity Changes
Sarah F. Hutchins
Failing to pay attention to shifting data privacy and security regulations can be costly. Here’s an overview of what’s been happening — and what’s likely to happen next — in the world of data privacy and security.
Read More ›
-
Cybersecurity Law & Strategy
How to Avoid Running Afoul of Privacy Laws
Dan Panitz and Jerry McIver
Privacy laws and enforcement are causing big changes to global commerce and have now arrived at our doorstep. The million dollar questions are how this will affect our businesses and what, if anything, do we need to do about it?
Read More ›
-
Cybersecurity Law & Strategy
Start-Ups, Cyber Attacks and Regulations
CLS Staff
A Q&A with Christina Gagnier, a Shareholder with Carlton Fields and President of the newly-launched privacy and cybersecurity consultancy CTRL, on the cyber issues specific to start-ups and small businesses.
Read More ›
-
Cybersecurity Law & Strategy
Hot Button Enforcement Issues In the New Canadian Consumer Privacy Protection Act
John Beardwood and Shan Arora
Part Four In a Series
The conclusion of the series on Canada’s recently introduced Consumer Privacy Protection Act looks at hot button enforcement issues in the Act.
Read More ›
-
Cybersecurity Law & Strategy
The Information Governance Groundhog Day Syndrome
Ben Schmidt and Nathan Curtis
Security and privacy start with good information governance, and for many firms — trying to get their information governance policy implemented feels a lot like Groundhog Day. Yes, the one with Bill Murray. Let’s take a closer look.
Read More ›
-
Cybersecurity Law & Strategy
Compliance for Privacy Officers on the New Canadian Consumer Privacy Protection Act
John Beardwood and Shan Arora
Part Three In a Series
Part Three continues the analysis of new compliance requirements in Canada's new Consumer Privacy Protection Act, including the content of organizational privacy policies and anonymization of personal information policies, and business transaction policies contained in the Act.
Read More ›
-
Cybersecurity Law & Strategy
EU Releases Attempt At Comprehensive Cybersecurity Legislation
Cassandre Coyer
The European Union released its first attempt at a comprehensive cybersecurity legislation, the Cyber Resilience Act — and its impact on the technology market could be far-reaching.
Read More ›
-
Business Crimes Bulletin
FTC Looks to Focus On Data Privacy and Competition
Isha Marathe
The Federal Trade Commission, under its current chairperson Lina Khan, has released a flurry of press releases and blogs in recent months signaling at a focused commercial surveillance “crackdown.”
Read More ›
-
Cybersecurity Law & Strategy
A Compliance Briefing for Privacy Officers on the New Canadian Consumer Privacy Protection Act
John Beardwood and Shan Arora
Part Two In a Series
Part One of this series introduced the history of Canada’s recently introduced Consumer Privacy Protection Act and reviewed the similarities with GDPR, such as data portability, the right not be forgotten, codes of practice, and a safe harbor provision. Part Two analyzes the new compliance requirement of valid consent.
Read More ›
-
Cybersecurity Law & Strategy
Data Rights, Data Duties, & Data Risks: The American Data Privacy and Protection Act
Rita W. Garry
While the ADPPA represents compromises between Democratic and Republican leadership of the U.S. Senate and House of Representatives, particularly around the thorny issues of state law preemption and private rights of action, there are other legislative and big tech industry players pushing their own agendas for comprehensive national data privacy and security frameworks.
Read More ›
-
Cybersecurity Law & Strategy
Not Just Your Same Old Privacy Legislation: A Compliance Briefing for Privacy Officers on the New Canadian Consumer Privacy Protection Act
John Beardwood and Shan Arora
Part One In a Series
This article, which reviews the Canadian Consumer Privacy Protection Act, first seeks to identify the delta between the Act and PIPEDA in order to allow privacy officers of organizations that are already PIPEDA compliant to identify the net new compliance requirements under the Act and second, to highlight the provisions of the Act which, if breached, could lead to the imposition of significant fines.
Read More ›
-
Cybersecurity Law & Strategy
Data Privacy and Security Considerations for Mobile Health App Developers and Their Counsel
Angela Matney
In light of the evolving legal and regulatory landscape, app developers and their counsel should examine developers’ privacy and security practices and take steps to safeguard sensitive data related to reproductive health.
Read More ›
-
Cybersecurity Law & Strategy
California’s Latest Privacy Rulemaking Proposes Further Obligations for Businesses
Kyle Fath, Alan Friel, Shea Leitch and David J. Oberly
While the the California Privacy Protection Agency kicked some of the more difficult issues down the road for further consideration, its first draft of proposed Regs is quite comprehensive with respect to the issues addressed. The authority for some of what is proposed is questionable and will likely be challenged in comments, if not judicial action, if such provisions become final.
Read More ›
-
Cybersecurity Law & Strategy
California ‘Right to Know Act’ Sets Off Alarm Bells Ring for Privacy Experts
Isha Marathe
While state data privacy legislation is picking up across the U.S., a California bill that recently passed the State Senate and has remained largely under the radar, has some privacy experts raising alarm bells.
Read More ›
-
Cybersecurity Law & Strategy
Metaverse Raises Privacy and Cybersecurity Concerns
Oriana Alexander, Wail Jihadi and Bryan Parker
The Metaverse will be the next version of the Internet that provides an immersive virtual experience. For now, the extent to which Metaverse technology will be integrated into our physical world remains unknown. This raises new concerns about data privacy, cybersecurity, new cybercrimes and constitutional issues.
Read More ›
-
Cybersecurity Law & Strategy
Ninth Circuit Allows Data Scraping from LinkedIn
Marianna Wharry
The Ninth Circuit reaffirmed data analytics company hiQ Labs Inc.’s ability to scrape publicly available data from LinkedIn’s platform despite the social media company’s claim that the data collected violated federal hacking laws.
Read More ›
-
Cybersecurity Law & Strategy
California Consumer Privacy Law Cases Climbing, and Not Just In California
Jessica Mach
Plaintiffs filed 145 lawsuits last year to enforce provisions under the CCPA, a 60% increase from 2020. Lawsuits alleging violations of the California law were also filed across the country, pending at one point in 33 courts across 20 states.
Read More ›
-
Cybersecurity Law & Strategy
Examining the Differences Between Data Privacy and Data Security
Melissa Griffins Paulk
As businesses develop data protection frameworks to ensure compliance, it is important for companies to design a data protection program that contemplates data privacy and data security individually, to achieve the most comprehensive data protection program.
Read More ›
-
Cybersecurity Law & Strategy
Taming the Data Privacy Chaos in Contract Management
Gretchen Bakhshai
How contract management practitioners can remain in compliance with rapid changes in data privacy regulations.
Read More ›
-
Cybersecurity Law & Strategy
Building AI and Machine Learning Technologies: Data Licensing Tips and Traps
Anna Remis
Data is the fuel for software development, and developers use historical data from existing products to train algorithms and build AI and machine learning models. Companies are well aware of privacy and regulatory restrictions on data use, but often do not consider the potential impact of data use restrictions on intellectual property ownership and use rights.
Read More ›
-
Cybersecurity Law & Strategy
Biometric Privacy: A Year In Review (2021) and The Year Ahead (2022)
Lauren Caisman and Christian Auty
The year started with Portland, Oregon’s ban on the use of facial recognition technology by private entities in places of “public” accommodation. It concluded with the rendering of important appellate decisions on the Illinois Biometric Information Privacy Act. In the middle, was the continued flurry of litigation, class action settlements, and legislative activity.
Read More ›
-
Cybersecurity Law & Strategy
Cybersecurity and Legal Tech In 2022: Predictions from the Field
Zach Warren
It’s still a dangerous cyber world as we enter 2022, but one that today’s attorneys and legal technologists are prepared to tackle. Here’s what they predict for cybersecurity, remote work, privacy and e-discovery in the new year.
Read More ›
-
Cybersecurity Law & Strategy
Cybersecurity and Corporate Privacy Enforcement Is Focus of Feds
David Saunders and Julian L. André
It started as a hushed rumor in the beltway, then became a known fact by those going to join the administration. And now we all know: The Biden administration has brought with it a renewed focus on data privacy and cybersecurity.
Read More ›
-
Cybersecurity Law & Strategy
What You Need to Know About China’s New Privacy Law
Devin Chwastyk and Christian Wolgemuth
The Personal Information Protection Law of the People’s Republic of China (PIPL) went into effect on Nov. 1 and brought with it a suite of new requirements and lingering questions.
Read More ›
-
Cybersecurity Law & Strategy
9th Circuit: Police Violated Google Users’ Privacy Rights After Automated Email Scan Detected Child Pornography
Alaina Lancaster
A federal appeals court found that law enforcement violated a Google user’s constitutional rights when it opened email attachments the platform flagged as child pornography through an automated system.
Read More ›
-
Cybersecurity Law & Strategy
How to Address Evolving Privacy Regulations During Discovery
Gina Taranto
One Recipe for Success: Treat Private Data With the Same Priority Given to Privilege
But for all the coverage that privacy regulations are meant to provide, there is precious little guidance about how to protect private information, and there is very little legal precedent to guide our practices.
Read More ›
-
Cybersecurity Law & Strategy
Preserving Snaps: Understanding Retention Features of Messaging Apps
Philip Favro
The recent Doe v. Purdue University case out of the Northern District of Indiana — in which the court sanctioned plaintiff for failing to preserve relevant images and videos from his Snapchat application — teaches that counsel must understand the retention and deletion features of Snapchat and other messaging apps and social media if they are to help their clients preserve relevant ESI.
Read More ›
-
Cybersecurity Law & Strategy
The Pandemic Job Market: From Drought to Pandemonium
Jared Coseglia
This article gives historical context to the events that brought us to the current climate and provides guidance on how employers and employees can successfully navigate the ensuing complexities of job searching and hiring in the post-pandemic pandemonium.
Part One of a Two-Part Article
Read More ›
-
Cybersecurity Law & Strategy
NY Privacy Act Stalls, Would Escalate Protections Above Other State & International Regulations
F. Paul Greene
The failure of NYPA to pass is not exceptionally noteworthy. What is noteworthy, however, is that it marks an escalation of data privacy protections and restrictions not seen in other major regulatory regimes, whether in the United States or abroad. And since most believe its failure to pass was due more to the end-of-session rush than its contents, don't be surprised if it pops up again in January 2022.
Read More ›
-
Cybersecurity Law & Strategy
Where Is the Consumer In Consumer Privacy Legislation?
Rita W. Garry
In the past four months of 2021, the amount of state legislative activity around consumer data privacy laws has been frantic, by state legislatures standards. So much so, it is not easy to discern the cause for all this effort.
Read More ›
-
Cybersecurity Law & Strategy
Mastery of Information: How to Successfully Manage Ungoverned Data for Risk Mitigation
Peter Baumann
Companies are collecting and managing more data than ever, essentially in order to create value, thus in effect making every company a “data” company. But for data to provide value, organizations need to know where it is, who has access to it, how it’s managed, including its longevity value, and how it needs to be secured and protected.
Read More ›
-
Cybersecurity Law & Strategy
The World of NFTs
Christine K. Au-Yeung
NFTs have been all the rage lately. So what exactly are they?
Read More ›
-
Cybersecurity Law & Strategy
Can You Hear Me Now? — Privacy of Discussions
Leonard Deutchman
This article looks at privacy discussions, focusing on what in the circumstances discussed renders the IT data private and whether the criteria relied upon when courts and others in the discussion determine that the data is or is not private is truly determinative, as well as properly understood.
Read More ›
-
Cybersecurity Law & Strategy
How to Avoid ‘Privacy Debt’
Catherine Zhu
For many tech companies today, their products and business model require the collection and storage of data. At the same time, a failure to build adequate data protection technology, processes, and operations will continuously generate “privacy debt” for the business. The accumulation of this “privacy debt” can eventually turn away customers, attract regulatory penalties, and create an existential risk for the company.
Read More ›
-
Cybersecurity Law & Strategy
Privacy and Ethical Concerns of Vaccine Passports
Emily N. Litzinger and Alexa R. Hanlon
While the concept of digital vaccine passports might seem like a perfect solution, implementation is muddled not only by administrative feasibility, but the web of legal and business considerations raised if requiring the passport to return to the workplace or enter a business. This article untangles some of these complex legal considerations, including privacy and ethical concerns, offering employers guidance in evaluating their feasibility at the workplace.
Read More ›
-
Cybersecurity Law & Strategy
California Privacy Protection Agency Roster Set
Mike Scarcella
California named five members to the inaugural board of the California Privacy Protection Agency, a new entity created by voters in 2020 that will enforce the state’s sweeping consumer privacy laws.
Read More ›
-
Cybersecurity Law & Strategy
Winter 2021 Privacy Alert Roundup
Rebecca Perry
In this Privacy Alert Roundup, we’ll take a look at Virginia’s new proposed data protection law, a new proposed federal banking rule regarding cybersecurity incidents, and how lackadaisical vendor risk management can come back to bite you in court.
Read More ›
-
Cybersecurity Law & Strategy
Telehealth Enforcement: Is It the Next Big Thing?
Ty E. Howard, Scarlett S. Nokes, Gene R. Besen and Jason P. Mehta
With the start of the Biden administration and a DOJ very likely led by Merrick Garland, predictions have begun about future trends in government enforcement. Two pieces of conventional wisdom emerge: First, the focus will shift to more white-collar crime enforcement actions. And second, the healthcare industry will continue to be a major focus for investigators and prosecutors.
Read More ›
-
Business Crimes Bulletin
Telehealth Enforcement: Is It the Next Big Thing?
Ty E. Howard, Scarlett S. Nokes, Gene R. Besen and Jason P. Mehta
With the Biden administration and a DOJ led by Merrick Garland, predictions have begun about future trends in government enforcement. Two pieces of conventional wisdom emerge: First, the focus will shift to more white-collar crime enforcement actions. And second, the healthcare industry will continue to be a major focus for investigators and prosecutors.
Read More ›
-
Cybersecurity Law & Strategy
Using Legal Tech to Help Lawyers Protect Privilege and Better Serve Their Clients
Daniel Farris
A recent UK High Court ruling has provided lawyers everywhere with a stark reminder on the scope of privilege for electronic communications: just because an email itself is privileged does not automatically render the documents attached to that email privileged.
Read More ›
-
Cybersecurity Law & Strategy
NY Proposed Privacy Bill of Rights Could Add to Compliance Confusion
Frank Ready
New York Gov. Andrew Cuomo’s executive budget proposal includes plans for a comprehensive data privacy law that rather than bring more clarity to an increasingly fragmented U.S. privacy landscape, could place even more strain on corporate legal departments attempting to get a handle on compliance.
Read More ›
-
The Intellectual Property Strategist
Northern District of California Holds Vanity License Plates Are Not Government Speech
Grace Tuyiringire
California DMV regulations excluding plaintiffs’ personalized plates were like the PTO trademark registration restrictions of SLANTS and FUCT — restrictions struck down by the U.S. Supreme Court for violating the First Amendment.
Read More ›
-
Cybersecurity Law & Strategy
Data Privacy Forecast: 2021 On Pace to Be a Milestone Year
Jake Frazier
As the economy and business operations begin to stabilize in the new year, organizations will take stock of lessons learned and new risks that need to be addressed. In-house legal and information governance teams are likely to be at the forefront of these efforts, with a keen focus on the data privacy, security and compliance gaps that were exposed during the pandemic.
Read More ›