A Delaware federal district court made headlines this week by issuing the first court decision rejecting fair use as a defense in training artificial intelligence (AI) models with copyrighted content. In Thomson Reuters...more
Following the Supreme Court’s TC Heartland decision in 2017, a patent owner may only sue an alleged infringer in either: (1) a judicial district of the state where the defendant is incorporated; or (2) a judicial district...more
Last year proved to be an incredibly active year for data privacy legislation, state and federal enforcement actions, and new compliance challenges introduced by emerging technology. Looking ahead to this year, there is no...more
A New York Federal Court Judge recently dismissed a copyright lawsuit brought by two news outlets: Raw Story Media Inc. and AlterNet Media Inc. for lack of standing. The dismissed complaint alleged OpenAI’s use of Raw...more
In yet another example of the importance of a robust cybersecurity and data protection system, New York Attorney General (OAG) and the New York State Department of Financial Services (DFS) collectively fined the insurance...more
In a settlement with Marriott International and its subsidiary Starwood hotels and Resorts Worldwide, the FTC will require Marriott to implement a new comprehensive data security program. The settlement stems from a series of...more
As the manufacturing industry increasingly relies on advanced technology such as the industrial internet of things, automation and big data, manufacturers are particularly susceptible to cyberattacks. Manufacturing operations...more
In March 2020, the Cybersecurity Mandate within New York’s Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) went into effect. In its entirety, the SHIELD Act expanded breach notification obligations for...more
On Dec. 20, 2023, the Federal Trade Commission (FTC) published a Notice of Proposed Rulemaking (NPRM) to the Children’s Online Privacy Protection Act (COPPA). COPPA was enacted in 1998 and went into effect in 2000. Under...more
In 2023, use of generative artificial intelligence (Gen AI) tools such as ChatGPT went viral. Generative AI platforms can be utilized to create a host of efficiencies across businesses and professions such as drafting emails,...more
On Oct. 6, 2023, a genetic testing company offering ancestry and health reports, 23andMe, announced that its consumers’ data was listed on the dark web. Interestingly, many prominent figures such as Mark Zuckerberg, Elon Musk...more
On Nov. 27, 2023, Nashville-based healthcare corporation Ardent Health Services (Ardent) announced that a ransomware attack impacted 30 of its hospitals and forced the shutdown of several emergency rooms in at least three...more
On Oct. 30, 2023, President Biden signed the Executive Order (EO) on Safe, Secure, and Trustworthy Artificial Intelligence that seeks to regulate the use of artificial intelligence (AI) by balancing national security concerns...more
On Jan. 10, 2023, the Federal Trade Commission (FTC) finalized its order against online alcohol marketplace, Drizly, and its CEO, James Cory Rellas for failing to implement security safeguards that led to a data breach in...more
On Sept. 11, 2023, Delaware became the next state to enact a comprehensive consumer data privacy law as Gov. John Carney signed the Delaware Personal Data Privacy Act (DPDPA) which will go into effect on Jan. 1, 2025. The...more
On July 10, 2023, the European Commission adopted its adequacy decision on data transfers for the EU-U.S. (European Union/United States) Data Privacy Framework (DPF). The adequacy decision concluded that the United States...more
7/25/2023
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
On June 5, 2023, the Nevada Legislature passed an amended version of Senate Bill 370 (SB 370 or the Act), which imposes new requirements on the collection, use and sale of consumer health data. The bill was signed on June 22,...more
The FTC won’t let them be! No, not Eminem, online service providers. Right on the heels of fining Epic Games and Amazon, for violations of the Children’s Online Privacy Protection Act (COPPA), the FTC set its eyes on...more
On May 31, 2023, Amazon agreed to pay a $25 million civil penalty to settle Federal Trade Commission (FTC) charges that the company retained sensitive information collected from children using Alexa, in violation of the...more
On March 9, 2022, the Security and Exchange Commission (SEC) proposed new rules to improve upon and standardize cybersecurity-related disclosure obligations for public companies. The SEC is expected to finalize the rules in...more
On Dec. 19, 2022, Epic Games, the developer of popular video game Fortnite, agreed to pay more than $520 million to settle Federal Trade Commission (FTC) claims that alleged a violation of the Children’s Online Privacy...more
On Jan. 1, 2023, both the California Privacy Rights Act (CPRA) and Virginia Consumer Data Privacy Act (VCDPA) come into effect, introducing new and updated data privacy and security obligations to covered entities. As these...more
In Mora v. J&M Plating, Inc., No. 2-21-0692, 2022 IL App (2d) 210692 (Ill. App. Ct. 2d Dist. Nov. 30, 2022), the Illinois Second District Court of Appeals held that Illinois’ Biometric Information Privacy Act (BIPA or Act)...more
It is often questioned how someone’s career path, which began with asserting and defending patents in litigation, transforms to a career focused on cybersecurity and data privacy, as mine has in the last two decades of...more
New York’s Cybersecurity mandate under the New York SHIELD Act became effective on March 22, 2020. This unfortunate timing, considering its alignment with the beginning of COVID-19 shutdowns, created an almost unspoken...more